Senior ISSO - TS/SCI CI Poly
Washington, DC
Full Time Senior-level / Expert Clearance required USD 63K - 147K *
cFocus Software Incorporated
Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.
cFocus Software is seeking a Senior ISSO to join our program located in Washington, DC / JBAB. This position requires an Active TS/SCI CI Poly.
Job Description:
Job Description:
- Lead the RMF process for assigned Cross Domain appliances withing DIA Enterprise networks.
- Maintain and report system’s Assessment & Authorization (A&A) status and events.
- Manage the System Security Plan (SSP) for assigned Cross Domain systems throughout their lifecycle.
- Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
- Ability to understand Service Central to monitor project requests required to initiate new change requests.
- Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
- Assist with identification of the security control baseline set and any applicable overlays.
- Ability to communicate relevant changes to the Security Control Assessor (SCA)
- Assemble the Security Authorization Package and submit for adjudication.
- Register and maintain the system in XACTA.
- Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
- Report changes in the security posture of systems to the Authorizing Official (AO).
- Utilize the Collaboration Board in XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
- Assist the ISSMs in executing their duties and responsibilities.
- Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
- Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
- Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
- Utilize the Collaboration Board in the XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
- TS/SCI w Counter Intelligence Polygraph required
- Must meet DoD 8570/8140 Certifications (i.e. IAM Level II/III or IAT II/III).
- Well versed with using vulnerability assessment tools (ACAS, NESSUS, etc.) and analyzing the results generated from these assessments.
- Demonstrated experience writing information system security control documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
- Knowledge of Risk Management Framework (RMF) information security engineering, design concepts and principles.
- Support annual assessments in accordance with guidance in the DIA Enterprise standards.
- Basic understanding of VMware.
- Ability to use MS Office, Analytical and Critical Thinking Skills,
- Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates;
- Respond to emerging requirements or policies as set by legislation, regulation or policy;
- Experience supporting systems hosted in Cloud environments.
- Conduct Contingency Plan tests at least annually and updating the plan;
- Maintain knowledge of inventory in accreditation boundary;
- Oral and written communication skills;
- Interpersonal and People Skills.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: ACAS Cloud Compliance DoD DoDD 8140 DoDD 8570 FISMA IAM Incident response Nessus POA&M Polygraph Risk management RMF System Security Plan TS/SCI VMware Vulnerabilities
Perks/benefits: Team events
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsSecurity Specialist jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsIT Security Analyst jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsSystems Administrator jobsThreat Intelligence Analyst jobs
GDPR jobsSaaS jobsForensics jobsEncryption jobsMalware jobsTop Secret jobsEDR jobsSDLC jobsSplunk jobsRMF jobsSQL jobsIDS jobsIPS jobsBash jobsCompTIA jobsIntrusion detection jobsDoDD 8570 jobsDocker jobsThreat detection jobsFinance jobsITIL jobsOWASP jobsTCP/IP jobsTerraform jobsActive Directory jobs
VPN jobsCRISC jobsGIAC jobsUNIX jobsClearance Required jobsIT infrastructure jobsBanking jobsSANS jobsJavaScript jobsPolygraph jobsAnsible jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsSOX jobsOSCP jobsCCSP jobsData Analytics jobsMachine Learning jobsSOC 2 jobsSecurity strategy jobsSOAR jobsGCIH jobsCISO jobs