ISSO/POAM Analyst

company banner
Apex Systems
Full Time

Job Description

Job#: 1275663

Job Description:

Apex Systems is hiring an ISSO to provide continuous monitoring/POAM management support and improve the continuous cyber security posture for one of our government clients at the Pentagon!

****Perks include: metroable lcoation, paid federal holidays, and ability to accrue federal sick leave

If you are interested, please send a copy of your updated resume as a Word Document to bbennett@apexsystems.com.

Position: ISSO/POAM Management Analyst

Location: Pentagon

Clearance: Candidates must be able to obtain and/or maintain a DoD Top Secret clearance as a condition of employment

Duration: Long Term Contract (2+ years)

Shift Hours: Day-Shift; core support hours are 6am-6pm

Overview: Seeking high-level IT Professionals to provide Continuous Monitoring/POAM Management support and improving the Continuous Cyber Security posture within the National Military Command Center

Roles and Responsibilities:
  • Experience with continuous monitoring and Plans of Actions and Milestones (POA&Ms)
  • Must be able to work in a constantly changing regulatory environment with short, mid, and long term timelines for remediating any non-compliance
  • Must be able to work well within a team environment and able to adapt quickly to change
  • Maintain cybersecurity procedures and processes as assigned
  • Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs
  • Communicate the security posture of systems through designated reporting mechanism
  • Assist in preparation and review documentation to include System Security Plans (SSPs), Risk Assessment Reports (RAR), and other Assessment & Authorization (A&A) artifacts
  • Assist in the research and address information security issues as required, and develop and maintain the Plan of Action and Milestones (POA&M) and support remediation activities
  • Develop and advise development of Assessment and Authorization (A&A) artifacts and security documentation to include, but not limited to System Security Plans (SSP), Plan of Action and Milestone (POAM), Contingency Plan, Incident Response Plan, Configuration Management Plan
  • Assist with pre-assessment preparation
  • Perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO).
  • Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
  • Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems
  • Strong verbal and written skills required providing management status reports and document system changes
  • Analyze problems and provide focused solutions to effectively communicate information to various audiences verbally and through written communications.
  • Develops and maintains POA&Ms and supports remediation activities in coordination with the customer and Security Engineers
  • Maintains an inventory of hardware and software for information systems for the client
  • Conduct reviews of closed Plan of Actions and Milestones (POA&M) for completeness and compliance
  • Develop and support the ongoing authorization (OA) process that includes continuous monitoring
  • Monitor security controls for ISs to maintain security Authorized To Operate (ATO)
  • Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
  • Will manage A&A document repository and assure IT system security documents are current and compliant
  • Develop and update assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
  • Ensure that changes to IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)

Required Skills:
  • Bachelor's degree or equivalent work experience and certifications
  • Active TS/SCI Security Clearance
  • Current DoD 8570 baseline certification for IAT II (one of the following: GSEC, Security+, SCNP and SSCP certifications)
  • 3-5 years of Cyber Security experience
  • 2 Years of IT experience (Networking/System Administration)
  • Working knowledge of security system controls, policies, technical security safeguards, and operational security measures
  • Familiarity with DoD STIG process
  • Excellent verbal and written communication skills.
  • Executing the security assessment and authorization (or ATO) process with independent assessors
  • Executing Continuous Monitoring and maintaining the security posture of IT systems day to day

Desired Skills:
  • Past or current ISSM/ISSO experience
  • DoD IS knowledge and experience
  • Must be highly organized and detail oriented
  • Must be able to take initiative and work independently or as a member of a team
  • Must demonstrate proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment
  • Familiar with NIST publications, specifically RMF and NIST controls
  • Experience developing A&A documentation from scratch and performing assessments; RMF step 1 through 6
  • Working knowledge of Enterprise Mission Assurance Support Services (eMASS) and XACTA

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystems.com or 844-463-6178.


Company Information

Apex Systems is a world class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions. We provide a continuum of service from workforce mobilization and modern enterprise solutions to digital innovation to drive better results and bring more value to our clients. Apex transforms our customers with modern enterprise solutions tailored to the industries we serve. Apex has a presence in over 70 markets across US, Canada and Mexico. Apex is a segment of ASGN Inc. (NYSE: ASGN)

.
Dice Id : apexsan
Position Id : BHJOB2374_1275663
Originally Posted : 1 month ago

Similar Positions at Apex Systems

ISSO
  • Jb Andrews, MD
  • 4 hours ago
ISSO (Cloud)
  • Herndon, VA
  • 4 hours ago
ISSO
  • Herndon, VA
  • 4 hours ago
A&A Analyst
  • Jb Andrews, MD
  • 4 hours ago
Mid-Level Malware Analyst
  • Rosslyn, VA
  • 4 hours ago
Sr. Malware Analyst
  • Beltsville, MD
  • 4 hours ago
Vulnerability Remediation Analyst
  • Jb Andrews, MD
  • 4 hours ago
Cyber Security Investigation Analyst
  • Rosslyn, VA
  • 4 hours ago
SOC Analyst
  • Alexandria, VA
  • 4 hours ago