Information Systems Security Officer
Sev1Tech
- Woodbridge, VA
- Permanent
- Full-time
- Performing checks of systems and applications for IA vulnerabilities using approved automated IA tools (ACAS, SCAP-compliant scanners, DISA STIG Viewer, etc.), custom scripts and manually (Security Technical Implementation Guides [STIGS]).
- Documenting raw findings in a quick look report, for customer notification. Create and maintain system Plan of Action and Milestones (POA&M).
- Performing self-assessments and Independent Verification & Validation (IV&V) for DoD and other federal agencies.
- Supporting the development and documentation of risk assessment results and recommendations using identified threats, applicable vulnerabilities, and likelihood of occurrence within context of risk tolerances
- Providing recommendations for corrective actions and mitigation strategies.
- Producing security risk assessment briefs and reports for delivery to stakeholders and senior management.
- Consulting on current and upcoming projects covering all levels of IT security.
- Minimum 6 years of related experience
- Clearance: A Secret Clearance is mandatory upon start
- Certification requirement: Must have a DoD 8570.1-M IAT Level II certification prior to hire
- Experience administering or configuring Window Servers/ VMware EXSI/ Database (SQL, Oracle)/Web (IIS,Apache)/ SharePoint/ Linux/Unix/Solaris/ Cisco Network gear (Switches, Routers, ASA, etc.) F5/Palo Alto/ Brocade Devices /SANS-NAS.
- Experience performing risk assessments and audits.
- Experience using DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
- Knowledge of the overall Risk Management Framework and NIST compliance as a security professional.
- Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats.
- Experience presenting to clients or management to present technical and non-technical information to allow key personnel to make informed decisions.
- Familiarity with information security documents, government orders, notices, and guidelines.