Information System Security Officer

Overview

Remote
Depends on Experience
Contract - W2
Contract - 12 Month(s)
No Travel Required

Skills

risk
compliance
security
threats
vulnerabilities
mitigation
cloud
GRC
NIST
RMF

Job Details

Information System Security Officer

Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.

Task description and/or any specific requirements:

Ability to manage responsibility for security assessments of a variety of applications or domains, to include cloud computing, and to manage several project/initiatives of large size, complexity, and risk.

Demonstrated proficiency in implementing security controls, conducting risk assessments, and documenting compliance measures based on NIST RMF and ISO standards to meet organizational and regulatory requirements.

Demonstrated proficiency in successfully evaluating and supporting documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the organization's information assurance (IA) and security requirements.

Demonstrated proficiency in ensuring appropriate treatment of risk, compliance, and assurance from internal and external perspectives.

Demonstrated ability to support development of actionable security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise IT architecture and support is consistent, usable, secure and adds value to the business.

Experience with network and vulnerability scanning tools and technologies to interrogate systems for configuration and status.

In-depth understanding of security architecture principles and best practices to design, implement, and maintain secure IT infrastructures in alignment with A&A policies.

Demonstrated proficiency in utilizing Governance, Risk, and Compliance (GRC) tools for managing Assessment & Authorization (A&A) processes.

Ability to serve as subject matter expert (SME) for the A&A process, including providing guidance to stakeholders, business units, and new A&A resources as necessary.

Strong organizational skills and ability to build and maintain schedules and step-by-step action plans.

Effective communication and collaboration skills to work with cross-functional teams, business units, stakeholders, and IT professionals, and to brief executives.

Experience/Education:

o A minimum of eight (8) to twelve (12) years relevant experience.

o A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.

o Typically performs all functional duties independently.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.