ISSO (Information System Security Officer)
Armison Tech
- Chantilly, VA
- Permanent
- Full-time
Location: Chantilly, VA (on-site client environment)
Clearance: TS/SCI with Polygraph
Compensation: Competitive, Excellent BenefitsOnly applicants with the active required security clearance and are U.S. Citizens will be reviewed.Warnings about cyber threats are everywhere and the constantly evolving nature of these threats can make understanding them seem overwhelming to the intelligence community. In all of this "cyber noise", how can these organizations understand their risks and how to mitigate them? The answer is you - an information security risk specialist who will break down complex threats into manageable plans of action.As an Network Engineer on our team, you'll use your experience to work help your team discover their cyber risks, understand policies, and develop a mitigation plan. You'll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical systems.The appropriate candidate should have experience with the following:
- Must maintain active/current TS/SCI with a polygraph clearance.
- 5+ years with a BS OR 7+ years without a BA/BS in a technical discipline.
- Demonstrated experience with Authority and Accreditation (A&A) and C&A packages needed to obtain security approvals for system deployments into production state.
- Demonstrated experience reviewing assessment reports and assisting projects in identifying security risks, including technical and non-technical.
- Experience developing effective mitigation strategies, including Plan of Action and Milestones (POA&Ms).
- Demonstrated experience assuring that system components and software applications adhere to continuous monitoring and compliance with security assessments and controls.
- Demonstrated experience reviewing and authoring System Security Plans (SSP's), security requirements, and other supporting documentation for the A&A process.
- Ability to write and review NIST 800-53 controls.
- Experience running and interpreting Rapid7 Scans.