Apply on Employer Site

Booz Allen Hamilton · 12 hours ago

Information Systems Security Officer

Kirtland, NM

Full-time

Hybrid

Mid, Senior Level

$99K/yr - $225K/yr

2+ years exp

Booz Allen Hamilton is a leading consulting firm focused on providing innovative solutions to complex challenges. They are seeking an Information Systems Security Officer (ISSO) to identify cyber risks, develop mitigation plans, and collaborate with government stakeholders to enhance information security measures.

ConsultingCyber SecurityIT InfrastructureManagement ConsultingSecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Work with government stakeholders to identify cyber risks, understand applicable policies, and develop a mitigation plan

Monitor the information systems and their environment, including developing and updating the authorization documentation and implement configuration management across authorization boundaries

Conduct risk assessments, considering data confidentiality, integrity, and availability

Be involved in organized Incident Response actions such as guiding and reporting back to key stakeholders

Support the team in meeting authorization timelines and coordinating communications with external entities in support of that objective

Qualification

Risk management methodologiesNIST SP 800 seriesATO authorization packagesDoD security STIGsCybersecurity leadershipXactaEMASSCompliance analysisAudit log reviewsTS/SCI clearanceCGRC CertificationCCNA-SecurityCASP+ CertificationCISSP CertificationSecurity+ CertificationAWS Solutions ArchitectCertified Security - SpecialtyCommunication skillsOrganizational skills

Required

2+ years of experience implementing risk management methodologies contained in best practice documentation such as NIST SP 800-30, SP 800-53, SP 800-128, SP 800-160, SP 800-171, or CIS benchmarks, in support of system security configurations, practices, and oversight

Experience as a System Administrator, Network Administrator, or ISSO

Experience with control implementations associated with RMF, FedRAMP, ICD 503, and DoD information levels, including applying them to the design and implementation of IT solutions to achieve system authorizations

Experience developing and reviewing ATO authorization packages in Xacta or eMASS

Experience analyzing compliance and vulnerability scan results, and implementing appropriate mitigations

Experience with DoD security technical implementation guides (STIGs), checklists, and testing tools, including STIG Viewer, SCAP, and ACAS scanning tools

Experience performing audit log reviews to detect anomalous behavior in information systems and networks, and overseeing continuous monitoring activities

Active TS/SCI clearance; willingness to take a polygraph exam

Bachelor's degree in a Cybersecurity field and 2+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, or 5+ years of experience providing cybersecurity leadership in an ISSO capacity, interfacing with internal and external SMEs such as PMs, Cyber Assessors, and AOs, in lieu of a degree

DoD Directive 8140 Qual Matrix for Information Assurance Technician Level II or Information Assurance Manager II Certification