Information System Security Officer (ISSO)
Alexandria, Virginia, United States
Positions Available: 3 - FUOPS-COB (Cybersecurity Auditors)
Remote Capability: 4 Days On-Site in Alexandria, VA, 1 Day Remote Capability
Clearance Requirement: Secret, Active
Avint is seeking an experienced ISSO to support a Federal Agency contingent award starting mid to late Summer 2022. This position is responsible for assisting the government in the assessment process for all new and legacy systems to determine the security requirements associated with each system. The ISSO shall interact with both technical and non-technical personnel in order to conduct a comprehensive review of a system, network or application. This is a technical role requiring moderate to advanced knowledge of security engineering, the ATO process, enterprise monitoring, and incident response. The ISSO shall assist in building or refining the program to achieve the assessment process. The ISSO shall work with various elements of the cybersecurity team to understand roles, missions and requirements in order to inform this process.
Requirements
- Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support IT security goals and objectives and reduce overall organizational risk.
- Work with Information Assurance Engineers and other cyber security personnel to identify, implement, assess, and manage cyber security capabilities and services.
- Collect and maintain data needed to meet system cybersecurity reporting.
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Identify IT security program implications of new technologies or technology upgrades.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program.
- Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
- Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
- Support remediation actions associated with findings from inspections and evaluations.
- Support efforts to ensure that systems, networks, and data users are aware of, understand, and adhere to system security policies and procedures.
- Support various compliance reports for dormant accounts, account configurations, active directory group policies, server configurations, and more.
- Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Continuously validate the organization against policies, guidelines, procedures, regulations and laws to ensure compliance.
Technical Areas of Expertise
- NIST 800.53, 800.171, RMF Framework and Cybersecurity Framework
- Developing System Security Plans, Disaster Recovery Plans, and similar documentation required for RMF.
- Understanding of industry security and compliance statuses, standards, and policies.
Qualifications
- Bachelor’s degree in a related field or technical discipline, or 4-7 years of equivalent work experience in similar roles within the DoD or Federal Government, such as serving as an ISSO at a cleared facility.
- CSSP-AU (2 years of CSSP experience with certifications such as CEH, CompTIA Pentest+, CompTIA CySA+, GSNA or CISA) or be willing to obtain within 6 months of employment.
- Must possess a strong working knowledge of Information Assurance concepts, to include Assessment and Authorization (A&A) activities, general IT system functions, documented security policies and best practices, standard technical security safeguards and other core competencies such as: vulnerability management, network management, risk management, threat analysis, operating systems, enterprise architecture, policy management, encryption, system hardening etc.
Benefits
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.
Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Tags: Active Directory CEH CISA Clearance Compliance CompTIA DoD Encryption Incident response Monitoring NIST Risk management System Security Plan Vulnerability management
Perks/benefits: 401(k) matching Career development Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs