Information Systems Security Officer

Sev1Tech

  • Woodbridge, VA
  • Permanent
  • Full-time
  • 2 months ago
Overview/ Job ResponsibilitiesSev1Tech is looking for an experienced Information Systems Security Officer to support the NAVAIR Digital Engineering contract based in NSWC Dahlgren, VA and Patuxent River NAS, MD. This critical role responsibiliites include, but are not limited to:Developing Security Requirements Traceability Matrix (STRM), aligning security requirements with the individual components of a system. * Providing automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800-Publications.
  • Performing checks of systems and applications for IA vulnerabilities using approved automated IA tools (ACAS, SCAP-compliant scanners, DISA STIG Viewer, etc.), custom scripts and manually (Security Technical Implementation Guides [STIGS]).
  • Documenting raw findings in a quick look report, for customer notification. Create and maintain system Plan of Action and Milestones (POA&M).
  • Performing self-assessments and Independent Verification & Validation (IV&V) for DoD and other federal agencies.
  • Supporting the development and documentation of risk assessment results and recommendations using identified threats, applicable vulnerabilities, and likelihood of occurrence within context of risk tolerances
  • Providing recommendations for corrective actions and mitigation strategies.
  • Producing security risk assessment briefs and reports for delivery to stakeholders and senior management.
  • Consulting on current and upcoming projects covering all levels of IT security.
Minimum QualificationsRequires Bachelor’s degree (in Engineering, IT, Computer Science or related field) or equivalent and the following experience:
  • Minimum 6 years of related experience
  • Clearance: A Secret Clearance is mandatory upon start
  • Certification requirement: Must have a DoD 8570.1-M IAT Level II certification prior to hire
  • Experience administering or configuring Window Servers/ VMware EXSI/ Database (SQL, Oracle)/Web (IIS,Apache)/ SharePoint/ Linux/Unix/Solaris/ Cisco Network gear (Switches, Routers, ASA, etc.) F5/Palo Alto/ Brocade Devices /SANS-NAS.
  • Experience performing risk assessments and audits.
  • Experience using DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
  • Knowledge of the overall Risk Management Framework and NIST compliance as a security professional.
  • Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats.
  • Experience presenting to clients or management to present technical and non-technical information to allow key personnel to make informed decisions.
  • Familiarity with information security documents, government orders, notices, and guidelines.
About Sev1Tech LLCFounded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies. Enable better government. Protect our nation. Build better humans across the country.Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression. Please apply directly through the website at: #joinSev1techFor any additional questions or to submit any referrals, please contact:Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Sev1Tech