Information Systems Security Officer (ISSO)

Description

Concept Solutions is seeking an Information Systems Security Officer (ISSO) to provide information security expertise to ensure the security of the Combined DNA Index System (CODIS) in Quantico, VA. This position is contingent upon contract award.

Location: Quantico, VA (Hybrid)

Responsibilities:

· Design and implement secure system architectures within the I2D2 accreditation boundary, ensuring compliance with FBI, DOJ, and federal security standards, including FISMA and NIST guidelines.

· Develop and maintain a layered defense strategy to safeguard the confidentiality, integrity, and availability of information assets, leveraging firewalls, IDS/IPS, SIEMs, and endpoint protection systems.

· Evaluate and integrate security tools and technologies into existing systems, conducting rigorous testing to ensure compatibility and functionality within the I2D2 environment.

· Perform vulnerability assessments using tools such as Nessus, AppDetectivePRO, and Metasploit. Analyze findings and collaborate with stakeholders to prioritize and remediate vulnerabilities.

· Implement and maintain secure configurations for operating systems, applications, and network devices using standards such as DISA STIGs, CIS benchmarks, and SCAP tools.

· Regularly monitor and apply vendor-released security patches, updates, and firmware upgrades, testing them in a controlled environment before deployment to production systems.

· Design, implement, and manage secure access control mechanisms, including identity and access management solutions, ensuring adherence to the principle of least privilege.

· Support the secure configuration and maintenance of network infrastructure, including firewalls, routers, switches, and VPNs, while ensuring compliance with FBI/CODIS policies.

· Collaborate with the ISSO and other security personnel in responding to and mitigating security incidents, including root cause analysis and implementation of corrective measures.

· Create and maintain technical documentation, including system security plans (SSPs), network diagrams, and Standard Operating Procedures (SOPs), to support accreditation and compliance efforts.

· Engineer and support disaster recovery and business continuity solutions, ensuring seamless failover and data recovery in the event of outages or security incidents.

· Develop and maintain systems for continuous monitoring of security controls, ensuring compliance with NIST SP 800-137 and proactive risk identification.

· Deploy and configure security-related software such as antivirus, endpoint detection and response (EDR), and email filtering solutions, ensuring timely updates and optimal performance.

· Analyze system performance and provide solutions to optimize security technologies, meeting or exceeding a 99% uptime standard within the I2D2 accreditation boundary.

· Stay current with evolving cybersecurity threats, technologies, and best practices, proactively recommending and implementing solutions to address potential risks.

Requirements

· Preferred Education: Bachelor Degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or a related discipline 

· Minimum of at least one (1) certification must be active relating to information security such as: Certified Information Systems Security Professional (CISSP), GIAC security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.), or CompTIA Security +. 

· Minimum of three (3) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field including: 

·  a. Knowledge of developing, maintaining and managing Security Authorizations and Assessments packages 

·  b. Experience with developing and managing Plans of Action & Milestones (POA&Ms) 

·  c. Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities. 

·  d. Technical experience with reviewing vulnerability scans and providing mitigation techniques. 

· Experience in conducting annual assessments. 

· Possess experience developing and testing Contingency Plans. 

· Experience with conducting audit log reviews. 

· Experience with NIST Special Publications and guidance. 

· Minimum of three (3) years of working experience with the latest version of Microsoft Office Suite (Word, Excel, and PowerPoint) and SharePoint (User).

· Top Secret level security Clearance

Company Profile:

Founded in 1999 and headquartered in Reston, Virginia, Concept Solutions, LLC (CS) is a leading small business in technology, engineering, and management consulting. We are the innovative and agile force behind strategic solutions that enhance organizational efficiency and safeguard our nation across Aerospace, Defense, and National Security sectors.

For over 25 years, CS has been a trusted partner for the Federal Aviation Administration (FAA), Department of Homeland Security (DHS), Department of Justice (DOJ), Department of Defense (DoD) and other federal agencies delivering vital IT, security, and project management services.

Our commitment to excellence is reflected in our adherence to CMMI-DEV ML3, ISO 9001:2015, ISO/IEC 20000-1:2018, and ISO/IEC 27001-1:2013 standards. CS boasts company highlights that include:

• Over two decades of experience across over $300 million in contract awards supporting critical FAA programs
• Multiple contract vehicles providing opportunities across FAA, DoD, NOAA, and other Federal agencies
• Innovation Council - CS maintains an active Internal Research and Development (IR&D) program that is geared towards identifying emerging technologies and pursuing technological innovations

At CS, we know our success stems from our talented team. That’s why we prioritize the wellbeing and growth of our employees, fostering a positive culture centered on innovation, engagement, and career development.

Benefits: Concept Solutions offers a competitive benefits and salary package you would receive from a large company. We offer health, dental, vision and life insurance, as well as a comprehensive 401(k) plan with matching and immediate vesting.

Concept Solutions is an Equal Opportunity Employer, and we value workplace diversity. We invite resumes from all interested parties and consider applicants for all positions without regard to race, color, religion, sex, national origin, age, marital status, sexual preference, personal appearance, family responsibility, the presence of a non-job-related medical condition or physical disability, matriculation, political affiliation, veteran status, or any other legally protected status. Concept Solutions is a VEVRAA federal contractor, and we request priority referral of veterans for available positions.