Junior (Jr.) Information System Security Officer (ISSO)

Job Description

ECS is seeking a Junior (Jr.) Information System Security Officer (ISSO) to work remotely .

ECS Federal, LLC is seeking a highly qualified Junior Level Information System Security Officer (ISSO) with an active Secret clearance to support our DoD client, located in Seaside, CA and Alexandria, VA. This position can be remote, but preferably in close proximately to the National Capital Region (NCR). The selected, highly motivated candidate will serve as the advisor to one or more Information System Owners, ATO Program Owner, and Information System Security Manager (ISSM) on all matters, involving the security of an information system.

• Serve as a Junior ISSO to one or more Boundary/System Owner and ISSM on all matters (technical or otherwise) involving the security
• Provide support under senior leadership guidance that appropriate security controls and measures are in place to safeguard DHRA/DMDC systems, applications, networks, and data
• ATO Program Owner Support
  • Under the supervision of a senior RMF staff member, Jr. ISSO will perform the following:
    • Act as a facilitator between Program and Product Owners and other Cybersecurity stakeholders for coordination of communication and activities within eMASS
    • Advise program stakeholders on ATO requirements and identify any missing information in eMASS
    • Explain non-compliant controls and propose solutions to stakeholders
    • Provide support for program teams on eMASS toolset usage, RMF policies, and additional cybersecurity topics, e.g., cATO, system network traffic diagrams, documenting PPSM, RMF control remediation, etc.
    • Support Program/Product Owner for their given assessments, validations, and audits with respect to eMASS access and clarifications
• EMASS
  • Under the supervision of a senior RMF staff member, Jr. ISSO will perform the following:
  • Monitor RMF authorization status through eMASS and maintain and communicate a schedule of actions and timelines needed to obtain and sustain system/application authorization
  • Create and maintain entries within eMASS instances for applications with required artifacts associated with the relevant Common Control Identifier (CCI) security controls. Artifacts will be provided by DHRA program, product, or project managers
  • Maintain the documentation for RMF Assessment and Authorization of each information system in accordance with government requirements, with all required artifacts in eMASS

• STIGS
  • Under the supervision of a senior RMF staff member, Jr. ISSO will perform the following:
    • Develop STIG/Control crosswalk documentation to application functionalities to determine how those controls impact the app/system; upon mitigation then take the necessary supporting documentation and screenshots from program, product or project managers and update the associated controls and POAMs in eMASS
    • Utilize the assigned tool, such as eMASSTER to generate STIG results, and assigned actions for remediation. Other STIG tools may be applicable

• POA&Ms
  • Under the supervision of a senior RMF staff member, Jr. ISSO will perform the following:
    • Ensure POAM entries are kept current in eMASS and report on POAM statuses. Submit POAM workflow requests in eMASS for item closure or extension.
    • Coordinate with stakeholders to develop POA&M milestones, identify and allocate resources and determine the remediation schedule
    • Create presentations and metrics as requested. Create weekly, monthly, and in-progress review presentations, as needed

Salary Range: $115,000 - $130,000

General Description of Benefits

Required Skills

• Bachelor's degree in computer science, cybersecurity, information security, or similar discipline AND 1 to 2+ years of cybersecurity experience, in support of the DoD or other federal clients (education/experience substitution allowed)
• Active DoD 8570 certification minimum compliance, including at least one of the following certifications in good standing: CASP+ Security+, CISSP, CISA, CISM
• Understanding of the NIST Special Publications, DoD Risk Management Framework (RMF) processes and NIST 800-53 security controls
• Experience developing and managing POAMS in eMASS
• Experience with reviewing vulnerability scans and suggesting mitigation techniques
• Technical knowledge to review DISA Security Technical Implementation Guides (STIGs)
• Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
• Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions

Desired Skills

• Prior DHRA/DMDC experience
• CISSP certification
• ISSM and or CISM experience
• Top Secret Clearance

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.