Information System Security Officer (ISSO)

(Information System Security Officer OR ISSO) AND (FISMA OR FIPS OR NIST) AND (RMF)
Contract W2, Contract Independent, C2H W2, C2H Independent, Full Time
BASED ON EXPERIENCE
Work from home not available; travel not required

Job Description

Data Systems Analysts, Inc. (DSA) is a leading Information Technology and Management Consulting firm, delivering solutions to Federal, State and Local Government and commercial industry. We are best known for Knowledge & Information Management, Energy Management & Environmental Sustainability, Enterprise Systems Development & Operations and Cyber Security and Information Assurance. With offices in the DC Metropolitan Area and across the nation, we serve Fortune 500 decision makers and Federal, State and local government agencies throughout the U.S.




The ideal candidate will report directly to the program manager and have strong leadership skills and the ability to lead teams, tasks and projects. The Information System Security Officer (ISSO) will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate should have strong technical and data analysis skills. The candidate will serve as a subject matter expert (SME) with regard to the Risk Management Framework (RMF) and all associated information security policies and procedures, and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.



Primary Responsibilities:


  • Experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines

  • Experience developing, reviewing, assessing, and updating RMF documentation, including System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for new systems.

  • Knowledge of NIST SP 800 family of publications, particularly those associated with risk management policy and procedures

  • Vulnerability scanning execution, assessment, and analysis

  • Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])

  • Application/OS security, database security, and network security

  • Ability to assess and weigh current and evolving security threats in an operational environment

  • Applies extensive knowledge of a variety of the IA field's concepts, practices, and procedures to ensure the secure integration and operation of all systems

  • Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.

  • Leveraging Agency provided tools such as Telos Xacta (Risk Management Framework support tool), CSAM, or RSA Archer to track and reconcile findings from the system assessments, audits, and vulnerability scans.

  • Responding to government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.

  • Managing InfoSec Program POA&Ms, including advising on remediation efforts.

  • Working closely with senior agency security officials, system owners, ISSOs, and other stakeholders to advise and implement security solutions.

  • Identify opportunities for efficiencies in work process and innovative approaches.

  • Participate in team problem solving efforts and offer ideas to solve client issues.

  • Conduct relevant research, data analysis, and create reports.

  • Prepare and assist in the development of policy and procedures for program-level management and promote consistency in program management best practices.


Minimum Qualifications:


  • US Citizenship.

  • Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) additional years of experience in IA/Information Security will be an acceptable substitute for a Bachelor's degree.

  • Minimum of seven (7) years related general experience and at least five (5) years of IA specialized experience, including four (4) or more years of applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4).

  • Minimum of three (3) years in a leadership capacity.

  • Written and oral communication skills including the ability to communicate complex technical issues to senior stakeholders and non-technical staff.

  • Knowledge and understanding of integrating the security lifecycle into the system development lifecycle (SDLC).

  • Experience working with Federal Information Security Modernization Act (FISMA) requirements, and National Institute of Standards and Technology (NIST) guidelines.

  • Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.

  • Ability to weigh business risks and enforce appropriate information security measures.

  • Strong inter-personal and communications skills.

  • Demonstration of ability to solve problems using best practices and systematic approach.




Preferred Tool Experience


  • ForeScout

  • BigFix

  • Tenable Nessus

  • Security Content Automation Protocol (SCAP)

  • Telos Xacta IA Manager

  • CDM Dashboard/RSA Archer

  • CSAM



Preferred Qualifications:


  • CISSP, CISM or equivalent advanced security certification.




MUST HAVE AN ACTIVE DOD CLEARANCE; this will be verified prior to interview. Therefore, only US Citizens can be considered for this position.



Founded in 1963, Data Systems Analysts, Inc. (DSA) has been providing Defense and Federal Government customers with business-driven Information Technology and consulting solutions and services for more than 50 years. DSA's people excel in helping our customers achieve sensitive, mission-critical business goals and objectives. DSA is a 100 percent employee-owned company: every employee has a stake in the success of our company and our customers. Our culture embraces training and development opportunities that include leadership programs, employee networks, continued education, and much more. We recognize that building expertise in your profession benefits everyone, and our leadership training programs help employees better manage their projects, inspire coworkers and customers to action, and reinforce DSA's guiding principles since 1963.

We also value the unique combination of skills, abilities, aspirations, and backgrounds of every individual; our diversity makes us stronger. We are 100 percent employee-owned through an Employee Stock Ownership Plan (ESOP). DSA employees receive customizable benefits that are highly competitive in each local market and that include a Vanguard 401K.

DSA provides equal employment opportunity for employees and applicants without regard to an individual's protected status: race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/parental status, pregnancy/childbirth or related condition, religion, creed, age, disability, genetic information, veteran status, or any other protected status.



DSA will provide necessary reasonable accommodation to ensure that an individual with a disability who is not able to fully utilize DSA's online job application system is provided with equal opportunity to apply and be considered for all jobs. If you need an accommodation to complete the application process, please email HR@dsainc.com or call 1-877-422-4372.



#DSA209

Posted By

Adele Hackney

Dice Id : 10119839
Position Id : 19-00141