Information Security Officer

Job Description

The Security Officer is responsible for all activities related to designing, selecting, implementing, and maintaining security controls for major information systems supporting federal government contracts, including achieving and sustaining authorization to operate (ATO) following NIST Risk Management Framework procedures and guidance mandated under FISMA. Key job duties including specifying and documenting security control requirements, supporting security control assessments, and working with development and implementation team members to ensure that all security requirements are adequately addressed.  The Security Officer also identifies relevant security and privacy standards and regulations applicable to systems under development or in operation and helps ensure compliance with those standards and regulations. 

Key responsibilities

• Analyze systems, data, and operating environments to determine appropriate security controls while managing a team.

• Produce key authorization package documentation, including System Security Plans, Contingency Plans, Security Test Plans, Plans of Action and Milestones, Privacy Impact Assessments, and related artifacts

•  Collaborate with technical team members to incorporate security perspectives in SDLC artifacts associated with requirements, design, development, testing, and operations and maintenance life cycle phases

• Review system architecture and system design documentation to identify security-relevant aspects of systems and solutions and accurately reflect that information in security documentation

• Work closely with project team members to make sure that applicable security requirements are incorporated in systems and solutions deployed for the project

• Participate in business, technical, and security reviews of the solution to explain selected security and privacy controls

• Perform initial and ongoing risk assessments of the system

• Location is in McLean, VA- remote work is an option. 20-40% travel is required

  Minimum Qualifications:

• Minimum 5 years relevant experience

• Bachelor’s Degree or equivalent experience

• Strong technical knowledge of networks, operating systems, and n-tier applications

• Experience performing risk management framework and system authorization tasks in a FISMA (i.e., federal government agency) setting

• Familiarity with NIST standards and guidance including FIPS 199, FIPS 200, and the 800 series of Special Publications

• CMS experience

• Prior experience performing in the role of an information security officer/information systems security officer (ISO/ISSO) on a federal government contract

• Relevant security certifications such as CISSP, SSCP, CAP, or CISA

• Experience securing systems or environments that process personally identifiable information (PII) or protected health information (PHI)

Preferred Qualifications:

• Experience with Centers for Medicare & Medicaid Services (CMS) systems, including Technical Review Board (TRB) review and compliance processes

• Formal education or professional experience in information assurance, information security management, or security operations

• Experience working with online security tools such as Trusted Agent FISMA, RSA Archer, or CSAM

• Excellent organizational, interpersonal, verbal, and written communication skills

• Ability to work effectively as part of an integrated project team, while also taking ownership of assigned tasks to successfully achieve explicit delivery dates and milestones

• Ability to perform comfortably in a fast-paced, deadline oriented work environment

• Ability to successfully execute many complex tasks simultaneously

What We Offer  

Our mission is to provide comprehensive and competitive pay, benefits, services, and programs to eligible employees and their dependents that:  

• Ensure optimal health and productivity of our employees   

• Support employee retention and attraction  

• Provide work/life balance to ensure our employees succeed inside and outside of the office  

Compensation

The pay range for this job is determined by various factors, including but not necessarily limited to location, responsibilities of the job, and alignment with market data. When determining a salary for this role, the following factors may be taken into consideration - contract-specific affordability, education, knowledge, skills, competencies and experience. The estimate displayed represents the salary range for this position and is just one component of Cognosante’s total compensation package for employees. It is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific employee. 

Cognosante will not provide sponsorship for employment-based immigration benefits for this position.

What We Promise  

Cognosante employees are inspired by our bold mission to improve lives. To achieve this mission, we put our people first. No matter where they're located around the nation, our innovative workplaces enable individuals to apply their skills and experience to work toward a greater good.  

We foster a winning culture of solution creators built on innovation, collaboration, flexibility, and work-life balance. And we invest in the next generation of diverse talent to foster an inclusive, progressive, adaptable workplace that prioritizes advancement for all. As an affirmative action employer, we are committed to equal opportunity regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.   

Your safety during your job search is important. Recruiting communications will always be sent through one of the following corporate domain emails (@cognosante.com or @accurate.com).  

We will never send communications through any other domain, including @cognosantecareers.com, @gmail.com or @yahoo.com). We will never request payment from you, nor will we send payment to you, prior to your start date. If you have been asked to send or receive any payment, or if you have any doubt about whether you have been contacted by a Cognosante employee, please contact us at jobs@cognosante.com