Information System Security Officer (ISSO) jobs in United States

ERT · 1 day ago

Information System Security Officer (ISSO)

ERT is seeking an Information System Security Officer (ISSO) to support work at the NOAA National Environmental Satellite Data and Information Service (NESDIS) Office of Satellite and Product Operations (OSPO). The ISSO will provide management and oversight of daily security operations and serve as the principal IT security advisor to the System Owner.

Analytics, Business Development, Information Technology, Internet, Software
No H1B; U.S. Citizen Only

Responsibilities

Providing management and oversight of daily security operations, and principal IT security advisor to the System Owner
Experience in implementation and monitoring of information system compliance with Federal, NIST, Department of Commerce (DOC), NOAA, NESDIS, or OSPO (Office of Satellite and Product Operations) information security control policies and procedures, ensuring industry and/or U.S. Federal government best practices are followed
Experience in the development, management, and maintenance of the entire core documents package (including, but not limited to the System Security Plan (SSP), FIPS 199, FIPS 200, and Contingency Plan)
Ability to lead successful collaboration between system administrators and independent assessors in order to generate quality artifacts during annual security controls assessments
Maintenance of the security authorization package in the Cyber Security Assessment and Management (CSAM) system. Conducting Security Impact Analysis (SIA)
Coordination with network and system support personnel to ensure software, firmware, and security updates are applied to components within deadlines
Planning, management, and execution of weekly, monthly and quarterly vulnerability scans
Analysis of monthly and vulnerability scan results, Security Controls Assessment (SCA) results, and penetration test results and corresponding remediation plans
Development, management, and maintenance of POA&Ms in CSAM
Planning, execution, and documentation of continuous monitoring activities
Planning, coordination, management, and oversight of implementation of NOAA/NESDIS/OSPO standard technologies such as ArcSight, BigFix, Axonius, and Tenable Security Center
Expertise in cloud (AWS) security tools highly preferred

Qualification

CISSP certification, NIST compliance, Security authorization package, Cloud security (AWS), Vulnerability scanning, POA&Ms management, ArcSight expertise, Analytical skills, Collaboration skills, Documentation skills

Required

A minimum of 6 years of experience
CISSP certification required; CGRC or CEH certifications preferred
Experience in implementation and monitoring of information system compliance with Federal, NIST, Department of Commerce (DOC), NOAA, NESDIS, or OSPO (Office of Satellite and Product Operations) information security control policies and procedures, ensuring industry and/or U.S. Federal government best practices are followed
Experience in the development, management, and maintenance of the entire core documents package (including, but not limited to the System Security Plan (SSP), FIPS 199, FIPS 200, and Contingency Plan)
Ability to lead successful collaboration between system administrators and independent assessors in order to generate quality artifacts during annual security controls assessments
Maintenance of the security authorization package in the Cyber Security Assessment and Management (CSAM) system. Conducting Security Impact Analysis (SIA)
Coordination with network and system support personnel to ensure software, firmware, and security updates are applied to components within deadlines
Planning, management, and execution of weekly, monthly and quarterly vulnerability scans
Analysis of monthly and vulnerability scan results, Security Controls Assessment (SCA) results, and penetration test results and corresponding remediation plans
Development, management, and maintenance of POA&Ms in CSAM
Planning, execution, and documentation of continuous monitoring activities
Planning, coordination, management, and oversight of implementation of NOAA/NESDIS/OSPO standard technologies such as ArcSight, BigFix, Axonius, and Tenable Security Center
Must be a US Citizen or Permanent Resident who has lived in the United States at least 3 out of the last 5 years and be able to pass a background investigation to obtain a security badge to access applicable government facilities and systems
B.S. in Engineering or related technical field, or equivalent combination of education and experience

Preferred

CGRC or CEH certifications preferred
Expertise in cloud (AWS) security tools highly preferred

Benefits

Medical, Rx, Dental, and Vision Insurance
401(k) retirement plan with company-matching
11 Paid Federal Government Holidays
Paid Time Off (PTO)
Basic Life & Supplemental Life
Health Savings Account, Flexible Spending and Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Employee assistance program (EAP)
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Professional Membership Reimbursement
Employee Referral Program
Competitive compensation plan
Discretionary variable incentive bonuses based on factors such as individual performance, business unit performance, and/or the company’s performance
Publication and Conference Presentation Awards with bonuses

Company

ERT

At ERT, we have been providing high-value solutions and expertise to our partners at U.S. Federal agencies for over 30 years.

Funding

Current Stage: Late Stage
Total Funding: unknown
Key Investors: Macquarie Capital (2024-05-21, Series Unknown)

Leadership Team

Hugh R Johnson
Deputy Chief Operating Officer
Lauren Taneyhill
Strategic Partnerships and Community Engagement Specialist
Company data provided by crunchbase