Information Systems Security Officer (ISSO)

Great Hill Solutions is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is the federal government contracting business wholly owned by the Seneca Nation. SNG meets mission-critical needs of federal civilian, defense, and intelligence community customers across a variety of domains. The SNG portfolio receives shared services support from its parent company Seneca Holdings and is comprised of multiple companies that participate in the Small Business Administration 8(a) program. To learn more visit www.senecanationgroup.com and follow us on LinkedIn.

The Seneca Nation Group offer competitive compensation and a strong benefits package including comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family. We pride ourselves on our collaborative work environment and culture which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation.

Great Hill Solutions is seeking a Information Systems Security Officer (ISSO). This is a remote position with travel to the client site as required. This position will entail supporting the Naval Air Systems Command (NavAir), in particular, the Digital Analytics, Infrastructure and Technology Advancement (DAiTA) Group and the Naval Leveraging Innovation, Frameworks and Technology (LIFT) and Integrated Modeling Environment (IME) projects.

As an Information Systems Security Officer (ISSO) you will be responsible for ensuring the security of the organization's information systems and data. Develop and implement security policies, conduct risk assessments, and oversee the implementation of security controls. ISSOs will also provide security training and support to employees and manage security incidents. 

Key Responsibilities include:

• Develop and implement security policies:
  • This includes creating and maintaining policies, procedures, and standards related to information security. 
• Conduct risk assessments:
  • Identify, assess, and mitigate security risks to protect the organization's information assets. 
• Oversee security controls:
  • Ensure that appropriate security controls, such as firewalls, intrusion detection systems, and access controls, are implemented and maintained. 
• Provide security training:
  • ISSOs educate employees about security best practices, policies, and procedures. 
• Manage security incidents:
  • Investigate, respond to, and recover from security incidents, such as data breaches or cyberattacks. 
• Maintain compliance:
  • Ensure that the organization's information security practices comply with relevant laws, regulations, and industry standards. 
• Coordinate with IT staff:
  • Coordinate with IT professionals to integrate security measures into system designs and implementations. 
• Prepare and present security reports:
  • Provide regular updates on the organization's security posture to management. 
• Collaborate with external auditors and regulators:
  • Work with external parties to ensure compliance and maintain a strong security posture. 
• Develop disaster recovery and business continuity plans:
  • Ensure that the organization can recover from disruptions and continue operations during emergencies. 

Basic Qualifications:

• A bachelor's degree in computer science, information systems security, or a related field. 
• Minimum of 5 years’ experience in information security, security auditing, or a related field is preferred.
• Minimum of 5 years’ experience in the coordination and implementation of Risk management Framework (RMF) and Authorization to Operate (ATO).
• Minimum of 5 years’ experience in Security Technical Implementation Guides (STIGs) and Development Security and Operations (DevSecOps) activities.
• Minimum of 5 years’ experience providing vulnerability assessments to the PM and working with the security team to develop security plans and policies.
• Including leading the security incident response and coordination with the security team to record and report all incidents. 
• Minimum of 5 years’ experience in system classification levels including DOD and NIST SP 800 compliance criteria.
• Must be eligible to obtain and maintain an active Top Secret security clearance.
• Must possess CompTIA A+ and CompTIA Security+ certifications.

Preferred Qualifications:

• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills

 

Salary at Seneca is based on a variety of factors including but not limited to location, experience, skill set, performance, licensure and certification, as well as contract-specific affordability and organizational requirements. The range of this position in other geographic locations may differ.  The projected compensation range for this position is below. The estimate displayed represents the typical salary range for this position and is just one component of our total compensation package for employees. 

The projected compensation range for this position is:$140,000—$160,000 USD

Equal Opportunity Statement:
Seneca Holdings provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.