***TOP SECRET CLEARANCE REQUIRED***
System Auditing:
4 years
Certification:
Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
Experience
Regulatory & Compliance:
4 years
STIGs/SCAP:
4 years
Assessing Security Controls (CS105.16):
4 years
Assessment and Authorization:
4 years
Authorizing Systems (CS106.16):
4 years
Categorization of the System (CS102.16):
4 years
Continuous Monitoring (CS200.16):
4 years
Implementation of Controls (CS104.16):
4 years
Monitoring Security Controls (CS107.16):
4 years
NIST 800-53:
4 years
NIST SP 800-37:
4 years
Risk Management Framework (RMF):
4 years
Selecting Security Controls (CS103.16):
4 years
Nice to Have
Degree Level:
Bachelor's Degree
Background/Need
The team is in need of an additional ISSO candidate to continue work within the Cyber Security Team.
Virtual/Work from Home
Onsite
* Assist and Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
* Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
* Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
* Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
* Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
* Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
* Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stake holders. Recognize a possible security violation and take appropriate action to report the incident, as required.
* Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
* Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.
* Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
* Lead and align information technology (IT) security priorities with the security strategy.
* Prepare for and participate in periodic organization compliance assessments. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Education and Certifications:
-BS degree is preferred but not required
-Security Plus is the minimum 8570 certification requirement.
-A TS clearance with SCI eligibility is required. Candidate may be required to pass a CI polygraph.
-Interview process will consist of a phone screen followed by an extensive zoom interview with the team members.
