isecjobs.com

Information Systems Security Officer - Senior

Work from home, VA

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Senior-level / Expert USD 145K
Company logo

ECS

ECS is a technology leader in science, engineering, cloud, cybersecurity, artificial intelligence, machine learning and IT modernization. Reach out today.

View all jobs at ECS

Apply now Apply later

ECS is seeking an Information Systems Security Officer - Senior to work remotely.  

 

ECS is looking for an experienced Information Systems Security Officer (ISSO) to join our team supporting multiple platforms to attain and/or maintain their ATOs. The ISSO will be critical in protecting our DHS customers’ information systems and ensuring compliance with federal cybersecurity regulations and policies. The ideal candidate will have a strong background in federal cybersecurity, with at least five years of hands-on experience developing, documenting, and managing Authorization to Operate (ATO) packages for federal information systems.  

 

Responsibilities 

  • Develop, prepare, and update RMF authorization packages and security documents in accordance with NIST SP 800-53 Rev. 4/5, particularly those associated with NIST’s Risk Management Framework and FedRAMP. 
  • Applies extensive knowledge of a variety of the Cybersecurity field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems. 
  • Manage the Authorization to Operate (ATO) process throughout the system lifecycle, including initial authorization, reauthorization, and continuous monitoring activities. 
  • Conduct security assessments and information system security oversight activities, identifying potential security weaknesses and recommending improvements. 
  • Develop and maintain critical security documentation, such as System Security Plans (SSP), Contingency Plans (CP), Privacy Impact Assessments (PIA), and Plan of Action and Milestones (POA&M). 
  • Serve as the primary point of contact for government clients and stakeholders on cybersecurity and compliance matters. 
  • Coordinate with system owners, developers, engineers, and other stakeholders to implement security controls and ensure compliance with security requirements. 
  • Manage POA&Ms, tracking remediation efforts and escalating risks as necessary. 
  • Ensure the collection, review, and documentation of audit records, using financial audit standards, classified system IA requirements and Privacy Act requirements. analyzing anomalies and ensuring proper remediation. 
  • Monitor system security configurations, audit logs, and patch management for compliance and threat detection. 
  • Vulnerability scanning execution, assessment, and analysis  
  • Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide 
  • Area Networks [WAN]) 
  • Stay abreast of evolving security and risk management standards, including NIST, DoD, FISMA, FIPS, guidelines, and apply relevant changes to existing processes. 
  • Provide configuration management recommendations for security software, hardware, and firmware. 
  • Support incident response efforts and forensics investigations. 
  • Provide input to cybersecurity policy and process development and support user training and awareness initiatives.  

Salary Range: $145,000 - $145,000

General Description of Benefits

Qualifications
  • Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, or a related field. 
  • No Degree: 10 years of Cybersecurity & FISMA experience 
  • Bachelor’s Degree: 8 years of Cybersecurity & FISMA experience 
  • Master’s degree: 6 years of Cybersecurity & FISMA experience 
  • Proficient in the Risk Management Framework (RMF) and all associated tools (e.g., eMASS, Xacta, ACAS, Splunk, DISA STIGs, SCAP, STIG Viewer). 
  • Experience with cloud security requirements and compliance in federal environments (e.g., FedRAMP, AWS, Azure).  
  • Strong understanding of federal cybersecurity policies, regulations, and guidelines, such as NIST 800-53 Rev. 4/5, FISMA, and DoD directives. 
  • Professional security certification such as CISSP, CISM, CompTIA Security+ CE, SSCP, CEH, CASP, CISA or higher, in compliance with DoD 8140 requirements. 
  • Experience interpreting vulnerability scans (e.g., ACAS, Tenable Nessus, SCAP) and developing remediation plans. 
  • Excellent written and verbal communication skills, including the ability to present complex technical information to diverse audiences. 
  • Demonstrated ability to work independently and collaboratively in a fast-paced, deadline-driven environment.  
  • Outstanding problem solving and analytical skills, including ability to create clear observations, analysis and conclusions based on customer interviews and data. 
  • Minimum Education: Possesses one of the following professional security certifications: 
    • Certified Information Systems Security Professional (CISSP)
    • Certified Information Security Manager (CISM) 
    • Certified Ethical Hacker (CEH)
    • CompTIA Advanced Security Practitioner (CASP)
    • Systems Security Certified Practitioner (SSCP)
    • Certified Information Systems Auditor (CISA)
    • Similar security professional certifications must be approved by the Federal PM 
Apply now Apply later
Job stats:  2  0  0

Tags: ACAS AWS Azure CASP+ CEH CISA CISM CISSP Cloud Compliance CompTIA Computer Science DISA DoD DoDD 8140 eMASS FedRAMP FISMA Forensics Incident response Monitoring Nessus NIST NIST 800-53 POA&M Privacy Risk management RMF SCAP Security assessment Splunk SSCP STIGs System Security Plan Threat detection Vulnerability scans

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Systems Engineer jobsInformation System Security Officer jobsSystems Administrator jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSecurity Operations Engineer jobsCyber Security Specialist jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsSecurity Consultant jobsInformation Security Manager jobsSenior Information Security Engineer jobsSenior Network Security Engineer jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsSenior Software Engineer jobsSenior IT Auditor jobsSoftware Engineer jobsNetwork Engineer jobsCyber Threat Intelligence Analyst jobsCybersecurity Specialist jobs
TS/SCI jobsEDR jobsBash jobsJava jobsEncryption jobsSDLC jobsRMF jobsSplunk jobsTerraform jobsIDS jobsThreat detection jobsCompTIA jobsTop Secret jobsMalware jobsOWASP jobsDocker jobsITIL jobsIPS jobsSQL jobsForensics jobsActive Directory jobsGIAC jobsFinance jobsSOC 2 jobsClearance Required jobs
MITRE ATT&CK jobsOSCP jobsDoDD 8570 jobsIntrusion detection jobsTCP/IP jobsVPN jobsHIPAA jobsIndustrial jobsData Analytics jobsCRISC jobsSOAR jobsZero Trust jobsJavaScript jobsDNS jobsIT infrastructure jobsCCSP jobsNIST 800-53 jobsMachine Learning jobsKPIs jobsAnsible jobsBanking jobsSANS jobsSOX jobsJira jobsUNIX jobs