Apavo Corporation · 14 hours ago
Information Systems Security Officer (ISSO)
Apavo Corporation is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. The Information System Security Officer (ISSO) is responsible for supporting the Information System Security Manager and ensuring compliance with cybersecurity policies within the DOD and intelligence community.
Computer & Network Security
Responsibilities
Supporting the development and maintenance of the organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures
Ensuring stakeholders are properly identified and information system status and RMF activity requirements in order to establish accountability, access approvals, and special handling requirements
Maintaining the status of artifacts and repositories for system-level cybersecurity-related documentation
Ensure proper appointments IAW RMF 800-37 guidance; ensure the established cybersecurity policies and procedures are being followed in accordance with formally established roles
Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring
Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated
Ensure implementation of security measures and procedures, including reporting incidents to the AO and appropriate reporting chains and coordinating system-level responses to unauthorized disclosures for classified information or for CUI, respectively
Ensure that the handling of possible or actual data spills of classified information resident in systems is conducted
Ensure that cybersecurity-related events or configuration changes that may impact DoD systems' authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD systems
Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD system
Ensure all users have the requisite security clearances and access authorization and are aware of their cybersecurity responsibilities for DoD systems under their purview before being granted access to those systems
In coordination with the ISSM, initiate protective or corrective measures to address a discovered cybersecurity incident or vulnerability and ensure a process exists for authorized users to report all cybersecurity-related events, potential threats and vulnerabilities to the ISSO
Update all DoD systems cybersecurity-related documentation and ensure these documents are available to properly authorized individuals
The ISSO is expected to have additional duties as assigned in support of corporate cybersecurity services. Additional details are reviewed in accordance with company policies.
Qualifications
Required
Bachelor's degree in Computer Science or a related technical discipline
Minimum 8-10 years of experience
Must currently possess an active TS/SCI with the ability to obtain and maintain a CI polygraph
Effective communication skills to collaborate with cross-functional teams and stakeholders on implementing security measures organization-wide
Strong analytical skills for identifying system vulnerabilities and documenting control implementation narratives
Knowledge of system artifact requirements in support of a System Security Plan
Familiarity with AWS and Cloud Service Provider requirements for development of System Impact Analysis and Documented Risk Acceptance
Jira and Agile SAFe experience or ability to learn is required
Detail-oriented with the ability to manage multiple tasks and prioritize effectively
Familiarity with Federal, NIST, DOD and IC security policies
Familiarity with federal regulatory requirements, contractual obligations, and industry standards related to information security. Evaluate adherence to standards such as Privacy, GDPR, and HIPAA
Preferred
Master's degree preferred
Systems Security Engineering background preferred
IAM III preferred
Comprehensive knowledge of RMF activities with ability to articulate to Executive audiences preferred