Information Systems Security Officer (ISSO) - Mid Level (TS required, eligible for SCI) jobs in United States
cer-icon
Apply on Employer Site
company-logo

RedTrace Technologies · 21 hours ago

Information Systems Security Officer (ISSO) - Mid Level (TS required, eligible for SCI)

positionWashington, DC
timeFull-time
remoteHybrid
seniorityMid, Senior Level
date5+ years exp

RedTrace Technologies is seeking a Mid Level Information Systems Security Officer (ISSO) to support cybersecurity and management efforts for a federal customer. The role involves ensuring the security configuration and practices for information systems, conducting vulnerability scans, and managing risks to agency assets.

ConsultingCyber SecurityInformation TechnologyManagement Consulting
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS
Provide liaison support between the system owner and other IS security personnel
Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle
Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis
Conduct required IS vulnerability scans according to risk assessment parameters
Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities
Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs)
Coordinate system owner concurrence for correction or mitigation actions
Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO)
Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
Ensure that changes to an agency IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)
Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR
Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type
Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary
Ensure that new entities are created in the GRC application with the security categorization of agency ISs
Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS
Perform an independent review of the System Security Plan (SSP) and make approval decisions
Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official
Schedule security control assessments in coordination with the system owner
Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision
Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number
Advise the agency Authorizing Official of IS vulnerabilities and residual risks
Ensure that all POA&M actions are completed and tested
Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official
Ensure the removal and retirement of agency ISs being decommissioned, in coordination with the SO, ISSO, and ISSR

Qualification

Information Systems Security OfficerCybersecurityRisk Management FrameworkTenable NessusCertified Information Systems Security ProfessionalTeam collaborationCommunication skills

Required

Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
Must be a U.S Citizen
5+ years serving as an Information Systems Security Officer (ISSO) at a cleared facility
Minimum of 5 years of work experience in a computer science or Cybersecurity related field
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications
Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level I proficiency

Preferred

A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline

Benefits

401(k) plan
Annual performance bonus
Certification and advanced degree attainment bonuses
Student Loan / Tuition reimbursement
Health Care Insurance (medical, dental, vision)
Up to four weeks of paid vacation
11 Federal Holidays, and 3 Floating Holidays
Team bonding events

Company

RedTrace Technologies

twittertwittertwitter
company-logo
RedTrace Technologies is a cybersecurity, information technology and management consulting firm.
dateFounded in 2018
location
Catonsville, Maryland, USA
people-size11-50 employees
web-link
https://www.redtracetech.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase