Information System Security Officer

Overview

CVP is an award-winning healthcare and next-gen technology consulting firm recognized for excellence and innovation in the solutions we have provided our clients across healthcare, national security, and the public sector.

We are seeking a Senior Information System Security Officer to join our team of experts in a Deputy Team Lead capacity, tasked with securing the critical networks and systems our clients depend on. We are seeking a senior team member who is comfortable building a solid professional rapport with our customers, is an experienced mentor, enjoys dissecting processes, and has experience in developing and implementing improvements to team processes. This person is ready to prove themselves as a leader, is actively seeking out opportunities to build their career, and is interested in gradually taking on leadership tasks. For example, our team is responsible for briefing our systems to our C-suite, customers, and key system personnel. We are looking for professional communication skills, the ability to juggle many tasks, and technical chops are a plus.

Responsibilities

• Serve as the advisor to the system owner on all matters, technical and otherwise, involving the security of an information system'
• Provide expertise in and perform actions related to:
  • Assessment and Accreditation 
  • Continuous Monitoring
  • Reviewing scan results
  • Audit log reviews
  • Change Management
  • Vulnerability Management
  • Incident Response
  • Handling of Privacy-related and sensitive data
• Prepare and maintain required artifacts, i.e., system security plan(s) and associated documentation
• Work with other stakeholders to ensure necessary artifacts are in place, i.e., policy, procedures, training, etc.
• Work closely with the CISO on a day-to-day basis:
  • Advise and notify management (e.g., system owner, Chief Information Security Officer, (CISO), Chief Information Officer [CIO], and/or Authorizing Official (AO)) on:
  • Collect and maintain data needed to meet system cybersecurity reporting
  • Support customers at the highest levels in the development and implementation of doctrine and policies, information security program management, and cybersecurity management
  • Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
• Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management
• Ensure security improvement actions are evaluated, validated, and implemented as required.
• Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
• Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
• Assist client and team with responses to data calls and audits

Qualifications

• At least 5 years of cybersecurity experience, including at least 2 years directly engaged with risk management activities.
• Security+ Certification

Desired Skills

• 4-year college degree in Computer Science or related field and 2 years’ experience or 5 years’ experience in lieu of a college degree.
• Experience demonstrating strong analytical, troubleshooting and problem-solving skills for cybersecurity.
• Excellent communication skills, both written and oral.
• Must be eligible to obtain a Public Trust government security clearance.
• Knowledge of NIST and FISMA guidelines.
• CISSP Certification
• Two years of federal security support experience

About CVP

CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation.