Information Systems Solutions, Inc. · 2 weeks ago
IS/IT Subject Matter Expert Level V - Assessment and Authorization (A&A) SME
Suffolk,VA,US
Full-time
Onsite
Senior Level, Lead/Staff
10+ years expInformation Systems Solutions (ISS) is looking for an IS/IT Subject Matter Expert Level V to support the JS J7 Joint Training DevSecOps pipeline core infrastructure and data center in Suffolk, VA. The selected candidate will be responsible for supporting the Deputy Directorate, Joint Training (DDJT) for Assessment and Authorization (A&A) accreditation efforts.
Information ServicesInformation TechnologySoftware
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Serve as the primary Subject Matter Expert (SME) for all aspects of the Assessment and Authorization process in accordance with the DoD Risk Management Framework (RMF) model
Lead the effort utilizing Enterprise Mission Assurance Support Service (eMASS) to document activities, including implementation of all applicable security controls as identified via information system security categorization in accordance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and Committee on National Security Systems Instructions (CNSSI) 1253
Test and apply security controls based on security categorization, the application of overlays (privacy, classified, intel, etc.) and security control tailoring (AI, NOFORN, etc.). Collaboration with team leads, system owners, developers, and other key stakeholders to ensure security requirements are integrated throughout system design and implementation
Conduct active and passive reconnaissance of data, with the ability to assess and author Plans of Milestones and Actions (POA&Ms) containing accurate and verifiable mitigation statements, milestone tracking, and applying to the most relevant security control. Development of comprehensive required A&A documentation, including System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Reports (SARs), etc
Adherence to the eMASS scheduled tasking within the accreditation cycle, including Quarterly Independent Verification and Validation (IV&V), quarterly STIG checks, Annual Security Review (ASR), monthly POA&M updates, and resubmission for ATO, ATC, IATC and IATT as applicable
Maintenance of DISA circuit connections (CCSDs), inheritance from accredited systems and cloud service providers, and the workflow schedule on accredit
Qualification
Required
TS/SCI clearance
One of the following certifications: CompTIA Advanced Security Practitioner (CASP CE), Cisco Certified Network Professional Security (CCNP Security), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH)
Functional area training certificate (required prior to start date)
A Master's of Cybersecurity or related degree, or 10 years of experience in cybersecurity analysis with an understanding of applicable laws, acts, policies, protocols, and regulations
At least 5 years of experience related to DoD cybersecurity policies, procedures, and related directives including Task Orders, Executive Orders, Operational Orders, OPSEC, OSINT, etc
Benefits
Fully vested 401(k) matching program
Coverage of family medical deductibles
Spot bonuses
Educational assistance to further your career
Company
Information Systems Solutions, Inc.
ISS is an innovative information technology (IT) services and solutions provider to the Department of Defense (DoD) and other federal government agencies.
201-500 employees
Funding
Current Stage
Growth StageLeadership Team
Brian Buran
Chief Operating Officer
Company data provided by crunchbase