Information Systems Security Officer

Work from home not available Travel not required

Job Description

AllStaff Solutions is seeking an Information Systems Security Officer (ISSO) to support our client, Leidos Systems, in critical operations for their Enterprise Security Operations Center (ESOC).

PRIMARY RESPONSIBILITIES:

The successful candidate will manage overall security related policies, procedures, laws and regulations; create, document and implement various security plans and compliance documents; and enforce Information Assurance principles. The day-to-day responsibilities if this position will include the following:

  • Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems
  • Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance
  • Use workflows to develop security artifacts
  • Document, organize and implement security control requirements
  • Identify current and new risks
  • Prepare vulnerability test plans and coordinate the testing and result procedures
  • Assess customer-based solutions and provide recommendations for any improvements to current security posture
  • Ability to review and write security related policies and procedures

QUALIFICATIONS:

The successful candidate will possess the following skills, experience, and qualifications:

  • Must possess an interim Secret Clearance.

  • Minimum of 5 years of experience as an ISSO supporting major federal information systems/applications
  • Knowledge with auditing security controls and financial processes
  • Superior writing, communication and critical analysis skills
  • Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures

The candidate must have advanced experience/knowledge with the following:

  • NIST SP 800-37 Risk Management Framework security assessment and authorization (A&A) processes
  • NIST 800-53 security controls and required documentation
  • Security controls (i.e. NIST SP 800-53, FISCAM, etc.) assessments in support of FISMA, A-123 and annual self-assessment initiatives
  • Federal Risk and Authorization Management Program (FedRAMP) for authorization of cloud services
  • Enterprise Logging System to conduct regular reviews of audit logs (operating system, application, database, etc.) for security anomalies and compliance with applicable policies and procedures
  • POA&M Management and Risk Management Framework (RMF)
  • Reviewing operating system, application, and database security baseline configuration documentation to ensure compliance with agency hardening guidelines
  • Reviewing proposed change requests related to system design / configuration and performing a security impact analysis to provide approval or denial recommendations
  • Reviewing vulnerability scan results
  • Must possess one of the following certifications:
    • ISC2 Certified Authorization Professional (CAP) and ISC2 Certified Information System Security Professional (CISSP) certification, CompTIA Certified Advanced Security Practitioner (CASP+)

PREFERRED QUALIFICATIONS: 

  • ISC2 Certified Cloud Security Professional certification (CCSP)
  • Familiar with IT system administration/engineering

AllStaff Solutions is an equal employment opportunities (EEO) employer and terms of employment are without regard to race, color, religion, sex, national origin, age, disability or genetics. AllStaff Solutions complies with applicable state and local laws governing nondiscrimination in employment. This policy applies to all terms and conditions of employment.

Dice Id : 10172204
Position Id : y8pkjxj9di75rzq6o1jyoecbih
Originally Posted : 6 months ago
Have a Job? Post it