Senior ISSO - TS/SCI CI Poly
Washington, DC
Full Time Senior-level / Expert Clearance required USD 63K - 147K *
cFocus Software Incorporated
Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.
cFocus Software is seeking a Senior ISSO to join our program located in Washington, DC / JBAB. This position requires an Active TS/SCI CI Poly.
Job Description:
Job Description:
- Lead the RMF process for assigned Cross Domain appliances withing DIA Enterprise networks.
- Maintain and report system’s Assessment & Authorization (A&A) status and events.
- Manage the System Security Plan (SSP) for assigned Cross Domain systems throughout their lifecycle.
- Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
- Ability to understand Service Central to monitor project requests required to initiate new change requests.
- Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
- Assist with identification of the security control baseline set and any applicable overlays.
- Ability to communicate relevant changes to the Security Control Assessor (SCA)
- Assemble the Security Authorization Package and submit for adjudication.
- Register and maintain the system in XACTA.
- Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
- Report changes in the security posture of systems to the Authorizing Official (AO).
- Utilize the Collaboration Board in XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
- Assist the ISSMs in executing their duties and responsibilities.
- Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
- Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
- Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
- Utilize the Collaboration Board in the XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
- TS/SCI w Counter Intelligence Polygraph required
- Must meet DoD 8570/8140 Certifications (i.e. IAM Level II/III or IAT II/III).
- Well versed with using vulnerability assessment tools (ACAS, NESSUS, etc.) and analyzing the results generated from these assessments.
- Demonstrated experience writing information system security control documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
- Knowledge of Risk Management Framework (RMF) information security engineering, design concepts and principles.
- Support annual assessments in accordance with guidance in the DIA Enterprise standards.
- Basic understanding of VMware.
- Ability to use MS Office, Analytical and Critical Thinking Skills,
- Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates;
- Respond to emerging requirements or policies as set by legislation, regulation or policy;
- Experience supporting systems hosted in Cloud environments.
- Conduct Contingency Plan tests at least annually and updating the plan;
- Maintain knowledge of inventory in accreditation boundary;
- Oral and written communication skills;
- Interpersonal and People Skills.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: ACAS Cloud Compliance DoD DoDD 8140 DoDD 8570 FISMA IAM Incident response Nessus POA&M Polygraph Risk management RMF System Security Plan TS/SCI VMware Vulnerabilities
Perks/benefits: Team events
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Officer jobsInformation Systems Security Officer jobsInformation Security Manager jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsInformation Security Specialist jobsSenior Cyber Security Engineer jobsSecurity Consultant jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsCyber Security Specialist jobsIT Security Engineer jobsSecurity Specialist jobsPrincipal Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsSecurity Operations Analyst jobsCyber Security Architect jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSenior Product Security Engineer jobs
Forensics jobsGDPR jobsEDR jobsSaaS jobsEncryption jobsTop Secret jobsMalware jobsSplunk jobsRMF jobsSDLC jobsSQL jobsIDS jobsBash jobsIPS jobsIntrusion detection jobsDocker jobsDoDD 8570 jobsCompTIA jobsOWASP jobsITIL jobsTerraform jobsTCP/IP jobsFinance jobsActive Directory jobsThreat detection jobs
UNIX jobsCRISC jobsVPN jobsClearance Required jobsGIAC jobsSANS jobsPolygraph jobsBanking jobsAnsible jobsJavaScript jobsOSCP jobsHIPAA jobsGCIH jobsJira jobsDNS jobsIT infrastructure jobsMITRE ATT&CK jobsCCSP jobsData Analytics jobsMachine Learning jobsSOAR jobsSOX jobsOracle jobsSOC 2 jobsCISO jobs