ISSO

Overview

On Site
Full Time

Skills

ISSO

Job Details



ISSO


*Full-time Telework


*Must be local to San Antonio, TX area


*U.S. Citizenship Required



Job Role:


Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate high level data and cyber security risks. Designs, tests and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design.



  • Develops, maintains, and reviews system documentation to implement required security controls, including but not limited to: System Security Plan, Security Categorization, Risk Assessments, Privacy Impact Assessment, Contingency Plans, and Standard Operating Procedures.

  • Tracks, reports and provides recommendations on Plan of Action & Milestones (POA&M).

  • Identifies unique system characteristics, interviews key organizational personnel, composes requisite documentation.

  • Coordinates with system administrators and security engineers on actions to satisfy security control requirements.

  • Participates in change control boards and assessments.

  • Serves as project manager for assigned systems from a continuous monitoring perspective.

  • Analyzes vulnerability scans and audit logs.

  • Identifies risks from inherited cloud service providers and coordinates compensating measures to reduce overall risk to the environment.

  • Provide timely and detailed responses to all data calls and FISMA audits

  • Continuously maintain a thorough understanding of all configurations , architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols and other relevant data for each IT system.


Minimum Qualifications



  • Bachelor's Degree in Computer Science or a related field or equivalent experience; Advanced Degree preferred.

  • 8-15 years of experience in systems security.


Other Job Specific Skills



  • Requires strong understanding of standards and requirements outlined by FISMA, NIST, OMB and others.

  • Exercises considerable latitude in determining technical objectives of assignments.

  • Excellent attention to detail.

  • Must be able to balance multiple tasks simultaneously.

  • Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.

  • May interface with external entities including law enforcement, and intelligence/government agencies.

  • Exercises considerable latitude in determining technical objectives of assignment.








#cjpost