[ref. e96524420] Information Systems Security Officer

placeAshburn calendar_month 

Summary:

All Native Group is seeking an Information System Security Officer (ISSO) that serves as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system.

Responsible for ensuring the implementation and maintenance of security controls in accordance with the Security Plan (SP) and Department of Homeland Security (DHS) policies.

Essential Functions
  • Collaborates with users, vendors, technicians, and managers to understand and assess computing and system needs and requirements.
  • Communicates the goals, policies, and procedures of the company to the CIS team; develops plans to implement these needs.
  • Evaluates current technology use and needs of the company and recommends software and hardware improvements.
  • Oversees backup, security, and user help systems.
  • Remains current on advances in technology.
  • Provides technical support to users.
  • Prepares and delivers operational or project progress reports.
  • Implements and oversees operational budget and expenditures.
  • Performs other related duties as assigned.

May be requested and required to participate in Proposal Support functions due to expertise

Competencies
  • Facilitates and manages the development, modification, and operation of security protocols including intrusion detection and prevention systems to protect the organizations information from breach or loss.
  • Conducts periodic audits and due diligence checks of security protocols, evaluating systems for vulnerabilities.
  • Recommends modifications to security protocols as required.
  • Develops and/or provides training and guidance on acceptable use, risk management, incident response, and security protocols to employees.
  • Periodically briefs senior management on status of security system and protocols.
  • Reviews reports of, and evaluates response to, any security incidents.
  • Ensures that monitoring operations comply with all applicable government regulations and standards.
  • Maintains current knowledge of emerging security threats, technical challenges, and developments in system protection and IT security standards.
  • Performs other related duties as assigned.

Supervisory Responsibility

None required for this position

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
  • Must be able to remain in a stationary position 75% of the time.
  • Occasionally moves about inside the office to access file cabinets, office machinery, etc.
  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
  • Expresses or exchanges ideas by means of the spoken word. Those activities in which they must convey detailed or important spoken instructions to other workers accurately, loudly, or quickly.
  • Frequently moves standard office equipment up to 25 pounds.
  • Must be able to work indoor conditions 90% of the time.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

Position Type/Expected Hours of Work

This is a full-time position. Typical days and hours of work are Monday through Friday, 8:00 a.m. to 5:00 p.m. Evening and weekend hours required, as required by business need.

Travel

Travel is primarily local during the business day, although some out of the area travel and overnight may be expected.

Experience
  • Experience working as an ISSO supporting federal government information systems (e.g. DHS IACS Xacta), IT security certifications (e.g. CISSP, ISSEP, CEH, etc.), experience with ISO, NIST and US Government standards and cybersecurity frameworks (e.g. FISMA, FIPS, HSPD), system administration, cloud and engineering experience (e.g. UNIX, AWS, JAVA, Hadoop, etc.), and ITSM (ITIL-aligned) IT security management, engineering, and analysis experience.
  • Active vendor certifications and/or work exposure in the following technical areas are a plus: AWS Certified Solutions Architecture Cisco Certified Network Professional (CCNP) Hadoop Java Microsoft's Certified Systems Engineer (MCSE) with focus on security Oracle DB or SQL Server DB Red Hat Certified System Engineer (RHCS Engineer) Web 2.0 technology
  • ISSO candidates must have at least one of the following security certifications Active: CISSP: Certified Information Systems Security Professional ISSEP: Information Systems Security Engineer Professional ISSAP: Information Systems Security Architect Professional CEH: Certified Ethical Hacker CNDA: Certified Network Defense Architect GIAC: Global Information Assurance Certification CRISC: Certified in Risk and Information Security Control
Education
  • Strongly prefer a Bachelor’s degree and at least 7-12 years of progressive technical (hands-on) experience relate to Information Assurance C&A

Security Clearance

Must possess CBP BI DHS or held one within 5 years

All Native Group is a Drug Free Workplace. It is our policy that all new hires must successfully complete a pre-employment drug screen as a condition of employment. In addition, all employees are subject to random drug screens throughout the term of their employment with All Native Group.

AAP/EEO Statement

All Native Group is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

However, preference may be extended to persons of Indian descent in accordance with applicable laws.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

#LI-TB1

business_centerHigh salary

Information Systems Security Manager

placeChantilly, 11 mi from Ashburn (VA)
to the mission. SPA: Objective. Responsive. Trusted. The Cybersecurity Team under SPA’s Information Technology Department establishes and maintains a robust cybersecurity posture and policy architecture across SPA's information systems. The team manages cyber...
placeChantilly, 11 mi from Ashburn (VA)
Cyber Security and Information System Security Management Services to internal and external customers in support of network and information security systems.  •  Ensures the development and implementation of information security policy, requirements, and procedures...
thumb_up_altRecommended

Information Systems Analyst Senior

placeFalls Church, 23 mi from Ashburn (VA)
Job Description: We are seeking an experienced Information Systems Analyst - Level IV to join our team in the DC, VA, MD area. This role involves conducting systems analysis, providing technical guidance, ensuring system security and compliance...