Greetings, LinkedIn Family!
We are Hiring!
Position: Information System Security Officer (ISSO)
Location: Washington, DC
Work Type: Hybrid (On-Site 2 days a week)
Position Type: Proposal (Starting from October 2024)
Clearance: No
Eligibility: US Citizens/GC
Role and Responsibilities:
As an Information System Security Officer (ISSO), you will serve as the primary liaison between TDS-IS and the various business units at the National Gallery of Art. You will be the principal advisor on all technical matters concerning information system security and ensure that appropriate operational security measures are maintained for the information systems assigned to you. Your role involves providing guidance, oversight, and expertise, crucial for developing security documents and implementing security controls effectively.
Duties/Responsibilities:
- Support the operation and maintenance of assigned business applications in alignment with the National Gallery’s IT security program.
- Maintain a catalog of IT enterprise and departmental business applications, including system and vendor points of contact, tier, location, and type.
- Act as the primary contact for implementing and enforcing information security policies (e.g., account management, configuration management).
- Participate in implementing system security policies, standards, and procedures.
- Ensure interconnection security agreements (ISA) are in place for key interfaces.
- Oversee annual backup and restore tests for on-premise business applications.
- Review vendor capabilities and security posture for potential new systems.
- Collaborate with the operations team and vendors to patch system vulnerabilities and perform timely upgrades.
- Manage relationships with third-party vendors for National Gallery IT contracts.
- Review and address results from vulnerability scans, coordinating remediation efforts.
- Work with the Contracts and Procurement Office to ensure IT security requirements are included in contracts.
- Advise clients on software maintenance and manage third-party risk.
Required Skills/Abilities:
- Strong qualifications in information technology with at least 3+ years of progressive IT security experience.
- Bachelor’s degree in IT, computer science, engineering, or a related field; relevant certifications (e.g., Security+, CAP, SSCP) preferred.
- Knowledge of SP 800-53 security controls and their applicability to IT systems.
- Experience with Windows, Mac, and/or Linux systems.
- Ability to stay current with evolving IT security technologies and practices.
- Demonstrated ability to plan and organize work, meeting deadlines with minimal supervision.
Regards,
Stella Zehera
Sr. Recruitment Professional
Direct: 703.552.8067
Main: 703.936.0100 *620
Email: stella.zehera@iQuasar.com