Principal Information System Security Officer with Security Clearance
Company: steampunk
Location: Fairfax
Posted on: May 3, 2024
Job Description:

Overview

Steampunk is searching for a Principal Information System Security Officer to support a government customer. The primary responsibilities for the position are to support all activities that ensure the level of security documented with the security authorization is maintained at an acceptable level of risk. The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment. The candidate must be able to communicate effectively and decisively with all levels of the organization and be able to solve practical problems as well as exercise sound judgement with regard to sensitive and confidential information.

Contributions

- Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates.
- Create Waivers or Risk Acceptance Memos to assist in the effective management of system risks.
- Conduct an annual assessment in accordance with guidance in the DHS Information Security Performance Plan.
- Review and update security authorization documents as needed, but at least annually.
- Conduct Contingency Plan tests at least annually and update the plan.
- Perform system self-assessments as part of the customer's Ongoing Authorization program.
- Monitor and respond to Information Security Vulnerability Management (ISVM)/Patch Management.
- Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
- Maintain knowledge of inventory in accreditation boundary.
- Use DHS' and mandated enterprise IA Compliance Tools.
- Devise a plan to certify and accredit their assigned information system or information systems.
- Respond to emerging requirements or policies as set by legislation, regulation or policy.
- Participate in DevOps Sec (security integrated into Agile processes) requirements for assigned systems.
- Support the review and update of security authorization documents as needed, but at least annually.
- Help coordinate with Privacy, Records, and Information Governance Divisions related to compliance documentation and other requirements.
- Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
- Proactively ensure security requirements are included in development cycle (Waterfall, Agile, SecDevOPs).
- Use DHS' and mandated enterprise IA Compliance Tools.
- Ensure CM processes are followed to ensure that any changes do not introduce new security risks.
- Support the management system Information Security Vulnerability Management (ISVM) Compliance.
- Experience leading a team of ISSOs

Qualifications

Required

- Must be U.S. citizen
- Bachelor's Degree and 8 years of cybersecurity experience; which must be FISMA-related OR
- No degree and 12 years of cybersecurity experience; 10 of which must be FISMA-related OR
- Master's Degree in an IT field and 6 years of cybersecurity experience; which must be FISMA-related
- Must possess one of the following certifications:
  - Certified Information System Security Professional (CISSP)
  - CompTIA Advanced Security Practitioner (CASP)
  - Certified Information Systems Auditor (CISA)
  - Certified Information Security Manager (CISM)
  - Systems Security Certified Practitioner (SSCP)
  - GIAC Information Security Professional (GISP)
  - GIAC Security Leadership (GSLC)
- Applies extensive knowledge of a variety of the IA field's concepts, practices, and procedures to ensure the secure integration and operation of all systems
- Extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements
- Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework.
- Specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
- Knowledge and experience with vulnerability scanning execution, assessment, and analysis
- Knowledge and experience with operating systems and networks (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
- Knowledge and experience with application security, database security, and network security
- Knowledge and experience with vulnerability scanning, assessment, and analysis
- Knowledge and experience with information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
- Ability to assess and weigh current and evolving security threats in an operational environment

Preferred Skills

- Current experience providing ISSO support to DHS
- Experience supporting systems hosted in Cloud environments.
- Experience supporting systems in Agile and DevOps environments

About steampunk

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers - and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.