Information System Security Officer (ISSO) @ Nuvitek | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Information System Security Officer (ISSO) jobs in United States
137 applicants
company-logo

Nuvitek · 1 day ago

Information System Security Officer (ISSO)

positionUnited States
timeFull-time
remoteRemote
seniorityMid, Senior Level
date5+ years exp
ftfMaximize your interview chances
Cloud Data ServicesData Center Automation
badNo H1BnoteSecurity Clearance Requirednote

Insider Connection @Nuvitek

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Advise System Owners on cyber security best practices
Serve as liaison between client management and associated stakeholders, and as the POC for all authorization and information security related issues
Create and maintain comprehensive information security policies, standards, and procedures
Ensure these policies align with government regulations such as FISMA, NIST, and other applicable security frameworks
Perform regular security assessments, audits, and risk assessments to identify vulnerabilities and recommend mitigation measures
Develop and implement strategies to address identified risks and enhance security posture
Coordinate and manage security incidents, including investigation, analysis, and remediation
Develop and maintain incident response plans and procedures, ensuring timely communication and reporting
Prepare for and support security audits and assessments conducted by internal and external parties
Ensure timely remediation of audit findings and maintain documentation to demonstrate compliance with regulatory standards
Implement and manage user access controls based on least privilege principles
Conduct periodic reviews and audits to ensure adherence to security policies
Offer technical expertise and strategic guidance to IT and business teams on security best practices and compliance requirements
Collaborate with development teams using low-code platforms to integrate security requirements into the development lifecycle
Stay informed about emerging security threats, technologies, and industry trends to proactively enhance the organization's security posture
Develop RMF Documentation
Review and update RMF ATO packages, policy and procedure documents, and related artifacts in accordance with applicable standards and regulations
Prepare and update security documentation, and work with technical teams to support the creation and maintenance of technical documentation
Implementing NIST Principles
Perform rigorous evaluations of NIST SP 800-53 security and privacy controls using NIST SP 800-53A standards

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information SecurityNIST ComplianceRisk ManagementIncident ResponseCybersecurity PrinciplesCISSP CertificationAgile PrinciplesCloud SecuritySecurity ToolsLow-Code PlatformsZero TrustPublic Trust ClearanceForensic InvestigationsDevSecOpsISO 27001Technical Documentation

Required

Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field
Certified Information Systems Security Professional (CISSP) or equivalent certification
Minimum of 5 years of experience in information security, with significant experience in government or similar environments
Proven experience with government security frameworks and compliance standards (e.g., FISMA, NIST, FedRAMP)
Strong understanding of cybersecurity principles, risk management, and incident response
Proficiency with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability management tools)
Knowledge of cloud security and modern IT infrastructures
Familiarity with low-code platforms
Strong understanding of Agile principles
Understanding of Zero Trust
Excellent analytical and problem-solving skills
Strong communication and interpersonal skills, with the ability to effectively communicate security concepts to non-technical stakeholders
Experience conducting interviews with application and system developers to document system operations surrounding security controls
Public Trust clearance or the ability to obtain Public Trust or Security clearance

Preferred

Master's degree
Experience with cloud security technologies and platforms
Familiarity with enterprise risk management frameworks (ISO 27001, NIST Cybersecurity Framework, etc.)
Expertise in security incident response and forensic investigations
Experience with implementing security controls in complex IT environments
Advanced certifications such as CISM, CEH, or equivalent
Knowledge or experience with DevSecOps pipelines for Security Operations

Company

Nuvitek

twittertwitter
company-logo
Nuvitek is a systems integrator and technology service provider that delivers IT services that are faster and more efficient.
dateFounded in 2012
location
Herndon, Virginia, USA
people-size51-200 employees
web-link
http://nuvitek.com/

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Fadi Harake
Chief Operating Officer
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot