Information Systems Security Officer (ISSO)
Novetta Tampa, FL
- Posted: June 09, 2021
Novetta is seeking a highly motivated Information Systems Security Officer (ISSO) to join our Tampa Solutions Team. The successful candidate will work both independently and as a team member, must be a quick learner, self-motivated, reliable, able to transition strategic vision into actionable plans, and able to balance multiple tasks simultaneously. Candidate must be knowledgeable in computer security principles and policies, to include the Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Intelligence Community Directives (ICDs), and National Industrial Security Program Operating Manual (NISPOM).
- Maintain Authorization to Operate (ATO) for a classified government cloud system in conjunction with DoD policy to include: Risk Management Framework (RMF), NIST 800-53, 800-871, etc.
- Manage and create all Body of Evidence (BOE) artifacts for the system to include: Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), System Security Plans (SSPs), Risk Assessment Reports (RARs), Vulnerability Assessments, Security Assessment Plans, etc.
- Work with software development teams to provide guidance and oversight into the implementation of security controls and other related security best practices
- Utilize automated security tools to track and manage vulnerabilities of the software development process. Tools include Nessus, McAfee Security Center
- Work with the program ISSM to communicate cyber security status and posture with government oversight to include AO, SCAs, CISO, etc.
- Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis
- DoD 8570 IAT/IAM Level II certification (Sec+ or equivalent). IAT/IAM III preferred (CISSP, CASP, CISM)
- Demonstrable experience in Assessment and Authorization (A&A) using Risk Management Framework (RMF) using NIST 800-53 Rev 4
- Experience with Windows and Linux environments
- Experience with cloud environments and concepts
- Knowledge of information security and assurance practices and principles.
- Experience with ACAS & McAfee Security Center
- Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs.
- Be technically familiar with multiple operating systems such as Windows 7 and 10, and Linux
- Strong policy development skills
- Cloud certification (AWS, Azure, etc.)
- Experience working in a DevSecOps project environment
- Formerly or currently a system administrator, developer, or engineer
- Experience with MS Active Directory, Windows, Linux, AWS Security, etc.
- Ability to work in a matrixes team environment and support multiple different efforts as needed
- Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or related field
- Active US government TS/SCI security clearance
TechnologyView all jobs at Novetta