Information Systems Security Officer TS/SCI

SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Reston, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches, and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success. Come join our team!

Summary:

The Information Systems Security Officer will provide support to plan, coordinate, and implement the organization's information security. The primary responsibilities for the ISSO are to ensure that all systems under their purview are able to achieve and maintain system authorization (C&A) as described in NIST SP 800-37 to include implementation and maintenance of systems security controls as identified in NIST SP 800-53 and the DHS 4300. The ISSO will maintain Continuous monitoring and vulnerability management activities. Providing expertise to lab management and staff on all cyber security related matters. Shall provide coordination with local and directorate stakeholders to ensure that systems are maintained within FISMA defined metrics and targets.

Job Duties:

• Performing risk analyses which also includes risk assessment.
• Provides support to plan, coordinate, and implement the organization's information security.
• Provides support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems.
• Perform complete security analysis and compliance review of all new IT Initiatives to include but not limited to information systems, hardware, and software.
• Perform duties as the security specialist for secure rooms/SCIFs which have the possibility to process information up to the TS/SCI level (where applicable).
• Perform Local Registration Authority duties for their respective lab sites.
• Conduct IT security, awareness, and privacy training for all employees at the laboratories.
• Provide IT security subject matter expertise on all projects, purchases, and procedures to