Information System Security Officer (ISSO) SR/Lead

Herndon, Virginia, United States - Remote

Applications have closed

Avint is seeking a motivated, career- and customer-oriented ISSO Lead to join our team in the Herndon, VA area to provide unparalleled support to our customer and to begin an exciting and rewarding career with Avint. The ISSO Lead will support multiple Federal Agencies through the Continuous Diagnostics & Mitigation (CDM) Program. The CDM Program is a high-profile, high-visibility cybersecurity modernization and risk management program where you can contribute innovative solutions and consult with several Federal Agencies to enhance their Information Assurance (IA) programs and continuous monitoring capabilities.

The ISSO Lead will be responsible for leading a highly experienced team of ISSOs supporting Avint’s CDM effort. Demonstrating a proven track record, the ISSO Lead will bring critical experience to drive the CDM mission through leadership, coaching, and consulting in areas of computer security, design and development, and methodology implementation.

The ideal candidate will have past exposure in supporting an array of Federal clients. The individual will focus on the development and preservation of a highly experienced team of security specialists following consistent, goal-oriented approaches to address clients’ complex requirements in a prioritized and actionable manner. Aside from having comprehensive knowledge in supporting NIST SP 800-37 rev2 and NIST SP 800-53 rev 4, the individual must adapt quickly to a dynamic work environment and utilize past consulting expertise to drive the business mission.

Position Responsibilities:

  • Coordinate and track assignments/activities of the ISSOs
  • Perform all key functions for the facilitation, execution, and reporting of all system security externally with Federal Agencies
  • Support creation of contract deliverables and system security related project artifacts
  • Provide consulting to Agencies on Requests for Service for the design, development, and deployment of Ongoing Assessment, Ongoing Authorization, and other Information Assurance (IA) initiatives
  • Provide continuous monitoring to enforce client security policy and procedures and create processes that will provide increased visibility to system owners on impacts to the security posture of systems
  • Ensure system security measures comply with applicable government policies
  • Monitor configuration management changes and assess the impact of modifications and vulnerabilities for each system
  • Ensure that system security requirements are addressed throughout the project and system lifecycle
  • Ensure effective controls and processes are in place and working effectively to maintain a strong system security posture.
  • Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities
  • Develop, maintain, and facilitate the appropriate closure of POA&Ms and facilitate with the Agency-designated security Point of Contact (POC)/ISSO any related remediation activities
  • Understand and monitor operations processes, including but not limited to, the Incident Response Process and Communications Process, to ensure that they are followed properly at Agencies for applicable CDM solutions and tools
  • Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate
  • Provide prompt feedback to CDM Project Management, Engineering, and Operations personnel and provide ongoing education on security protocols and procedures
  • Lead and mentor a team of experienced ISSOs/security engineers in complex tasks and issues
  • Provide outside-the-box thinking to develop complex solutions to support client requirements
  • Scope proposed security efforts in LOEs and ROMs in support of RFSs
  • Lead in the development of high-quality security white papers to help educate and drive key concepts
  • Build and maintain direct relationships across Avint’s project teams supporting CDM and Agency POCs
  • Drive policy enforcement and identify gaps in procedures

Requirements

Technical Areas of Expertise

  • Master’s degree in Information Technology or Information Security
  • Demonstrated DHS specific InfoSec experience specializing in NIST RMF
  • Experience with DHS Ongoing Authorization Program Framework and use cases preferred
  • Experience with DHS Continuous Diagnostics and Mitigation (CDM) a plus
  • ITIL certification
  • Experience with Jira, ServiceNow and SharePoint
  • Experience with program evaluation and redesign
  • Experience with configuration, requirements, incident, and problem management


Qualifications

  • Bachelor’s degree in Information Technology or Information Security
  • 7+ years demonstrated InfoSec experience specializing in NIST RMF, including team lead responsibilities
  • DoD 8570 approved baseline certification(s) (i.e., CISSP, CISM)
  • Extensive knowledge and experience with information security standards, policies, and practices – NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, DHS 4300A.
  • Proficiency in Cloud (Azure, AWS)
  • Demonstrated experience writing information system security documentation (System Security Plans (SSP), Plans of Action and Milestones (POA&Ms), PTAs, PIAs, CMPs, CPs, and IRPs).
  • Experience using vulnerability assessment tools (NESSUS, AppDetective, etc.), analyzing and interpreting assessment results.
  • Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/written reports) to all levels of management
  • Ability to research and address information security issues as required as an authority on the subject.
  • FedRAMP experience a plus
  • Strong understanding of infrastructure technologies and functionalities (e.g., firewalls, Windows/Linux servers, Active Directory (AD), Tenable, Nessus, HPBS, Splunk, SolarWinds, CyberArk, etc.)
  • Effective oral and written communication skills with customer, technical, and senior management personnel
  • Must possess a self-starter mentality and be an effective problem-solver
  • Exceptional organizational and multi-tasking skills

Physical Requirements

  • Office work, typically sedentary with some movement around the office

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits, from competitive salaries and full health to generous PTO and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

Tags: Active Directory AWS Azure CISM CISSP Cloud Cyberark DoD DoDD 8570 FedRAMP Firewalls Incident response ITIL Jira Linux Monitoring Nessus NIST POCs Risk assessment Risk management SharePoint Splunk System Security Plan Vulnerabilities Windows

Perks/benefits: Career development Health care

Regions: Remote/Anywhere North America
Country: United States
Category: Leadership Jobs