Junior Information Systems Security Officer (ISSO)
Washington DC
Applications have closed
XOR Security is currently seeking several talented Junior level Information Systems Security Offer to support an Agency-level Advanced Cyber Analytics team.
Responsibilities:
- Create and maintain Assessment and Authorization (A&A) documentation: Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedures, Contingency Plan, Incident Response Plan, and Configuration Management Plans, SCTM, SAR and RAR
- Capture and refine information security requirements for new systems or for enhanced functionality on existing system and ensure that the requirements are effectively integrated into information systems throughout the System Development Life Cycle (SDLC)
- Assist with assessing Information Assurance long term needs and acquisition requirements to accomplish mission objectives
- Implement information security standards and procedures
- Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
- Evaluate security solutions to ensure they meet security requirements for processing classified information
- Conduct research and testing to ensure existing and evolving products/services meet current Office of the Director of National Intelligence (ODNI) and local authorities security requirements as appropriate
- Advise CIO, CISO, ISSM, management and stakeholders on security-related matters
- Ensure the operational security posture of their systems, they are responsible for the daily security operation of their assigned systems and they advise their partners on specific IT and security policy procedures
- Ensure that management, operational, and technical controls for securing networks are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal
- Manage changes to system and assess the security impact of those changes
- Perform COMSEC Custodian duties as required
- Respond to security incidents, and report incidents to the IC SCC, CISO, and the appropriate authorities
- Performed equipment decommissioning and sanitization
- Facilitate Personal Electronic Devices (PED) into and out of the SCIF as required. Assure that all PEDs have been disabled prior to SCIF entry
- Review existing legacy and info-share repositories and update as needed, Co-Use, MOA, ISA, ADT training, account requestors.
Required Qualification:
- Top Secret Clearance
- Must have 1 - 2 years of professional experience with a bachelor’s degree in a relevant technical field. A majority of the experience in the areas of information assurance (i.e. the 10 pillars of CISSP).
- familiarity with system security support IAW ICD 503 / Risk management Framework (RMF).
- Must have experience and knowledge of DoD, IC, or national level system security initiatives and classified programs and infrastructures;
- Possess effective interpersonal and presentation skills as he/she operates in a client-facing role
- Possess knowledge of how to use the NVD and NIAP portals to review software or hardware vulnerabilities
- Expert knowledge of ACAS (Nessus/Tenable)
- Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures
- Must Possess extensive experience supporting the Intelligence Community (IC)
- Extensive experience with supporting the Joint Worldwide Intelligence System (JWICS)
- Expert knowledge of cloud architecture
- Preferred technical experience effectively provided network and/or system administration, and/ or computer operations
- Knowledge of virtualization.
- Must possess CISSP, CISA or CISM certification
- Active Top Secret Clearance is required
Closing Statement:
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET/SCI CLEARANCE REQUIRED.
Tags: Analytics CISA CISM CISSP Clearance Clearance Required Cloud DoD ICD 503 Incident response Nessus Risk Assessment Report Risk management SCTM SDLC Security Assessment Report Top Secret Top Secret Clearance TS/SCI Vulnerabilities
Perks/benefits: 401(k) matching Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs