Information Systems Security Officer
Job Title: Information Systems Security Officer
Location: Chantilly, Virginia
Clearance Level: DoD Top Secret Clearance
We deliver essential technology services to our customers in support of their missions to sustain the national security and economic interest of our nation. SecuriGence is seeking an experienced Information Systems Security Officer to help contribute to our success. Come help us solve problems with Innovation Through Intelligence.
- Ensure that stakeholders adhere to Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under the Federal Information Security Management Act (FISMA) of 2002.
- Lead RMF A&A efforts, including activities within the A&A cycle and outside of the SCA functions; work directly with the ISSM, ISO, and AO; work with engineering and support staff to secure systems and ensure compliance; and maintain POA&Ms.
- Responsible for ConMon (primarily completed through Splunk, with a small number of manual/administrative checks).
- Assist with IR activities
- Assist with vulnerability scanning using Tenable Nessus, which also includes STIG (hardening) compliance.
- Accountable for the real-time analysis, commentary, and handling of security events
- Contribute to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight.
Skills and Experience
- 10+ years' experience in computer science or cyber related field.
- Experience with NIST 800-37, 800-137, 800-53 rev 4 guidelines (and an understanding of draft rev 5), 800-39, 800-171 and 800-171A for self-assessments, 800-60, 800-100, 800-18, and NIST 800-53A security controls assessment practices.
- Experience with systems engineering design and development toward a "baked-in" security design using Information Assurance best practices.
- Understanding of the FedRAMP process, coordinating with 3PAOs, and migrating on-premises systems to an accredited cloud-based solution (e.g. AWS (GovCloud), Azure)
- Understanding of vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports
- Knowledge of vulnerability management, risk management, project management, proficient with Microsoft products - Word, Excel, PowerPoint
- Experience with Tenable's Nessus and/or Security Center, IBM Guardium, HP WebInspect, or Network Mapper is a plus
- Risk assessment experience, especially with NIST 800-53 threat identification, system security categorization, gap analysis, and compliance reporting
- Must be able to apply and validate security patches as they align to NIST guidelines, client policies and procedures, and OMB Mandates.
- Experience with creating or maintaining security artifacts as part of the ATO package, including but not limited to: System Security Plan (SSP), Contingency Plans (CP), Disaster Recovery Plans (DRP), Plan of Action and Milestones (POA&M), Incident Response (IR), and other security documentation.
- Knowledge of INFOSEC Assessment Methodology/Evaluation Methodology (NSA IAM/NSA IEM)
- Bachelor's degree. An Associate's degree with 2+ years of relevant experience, or 4 years of relevant experience, may be substituted.
- DoD Top Secret Clearance with SCI eligibility is required.
- DOD 8140 IAM Level II (CASP, CASP-CE, CISM, CISSP or Associate, GSLC)
SecuriGence LLC (SG) is an agile, HUBZone Certified Veteran-owned small business headquartered in the Washington, DC metropolitan region. Established in April 2010, we have been supporting the Department of Defense and other United States Civil agencies in Systems Engineering, Software Engineering, Software Development, Cyber Security, and Cloud/Virtualization Management.
SecuriGence provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
As required by Executive Order 14043, Federal contractors are required to be fully vaccinated against COVID-19 regardless of the employee's duty location or work arrangement (e.g., telework, remote work, etc.), subject to such exceptions as required by law. If selected, you will be required to be vaccinated against COVID-19 and submit documentation of proof of vaccination by January 4, 2022, or before appointment or onboarding with the agency, if after January 4. The agency will provide additional information regarding what information or documentation will be needed and how you can request of the agency a legally required exception from this requirement.