Overview
On Site
Full Time
Skills
ISSO
Job Details
ISSO
*Full-time Telework
*Must be local to San Antonio, TX area
*U.S. Citizenship Required
Job Role:
Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate high level data and cyber security risks. Designs, tests and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design.
- Develops, maintains, and reviews system documentation to implement required security controls, including but not limited to: System Security Plan, Security Categorization, Risk Assessments, Privacy Impact Assessment, Contingency Plans, and Standard Operating Procedures.
- Tracks, reports and provides recommendations on Plan of Action & Milestones (POA&M).
- Identifies unique system characteristics, interviews key organizational personnel, composes requisite documentation.
- Coordinates with system administrators and security engineers on actions to satisfy security control requirements.
- Participates in change control boards and assessments.
- Serves as project manager for assigned systems from a continuous monitoring perspective.
- Analyzes vulnerability scans and audit logs.
- Identifies risks from inherited cloud service providers and coordinates compensating measures to reduce overall risk to the environment.
- Provide timely and detailed responses to all data calls and FISMA audits
- Continuously maintain a thorough understanding of all configurations , architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols and other relevant data for each IT system.
Minimum Qualifications
- Bachelor's Degree in Computer Science or a related field or equivalent experience; Advanced Degree preferred.
- 8-15 years of experience in systems security.
Other Job Specific Skills
- Requires strong understanding of standards and requirements outlined by FISMA, NIST, OMB and others.
- Exercises considerable latitude in determining technical objectives of assignments.
- Excellent attention to detail.
- Must be able to balance multiple tasks simultaneously.
- Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.
- May interface with external entities including law enforcement, and intelligence/government agencies.
- Exercises considerable latitude in determining technical objectives of assignment.
#cjpost