Information System Security Officer (ISSO) with Security Clearance, ProvatoHR, Chantilly, VA
ProvatoHR -
Chantilly, VA,
US
Information System Security Officer (ISSO) with Security Clearance
Date Posted: 2024-05-09
Job description
Summary The successful candidate will leverage their strong technical background/knowledge to support the Sponsor s system accreditation efforts, to include creating Body of Evidence (BOE) documentation, implementing required controls, and completed required tasks/actions. Duties, Tasks & Responsibilities Creating, updating, maintaining, and interpreting required Body of Evidence (BOE) documentation
Working with management, internal teams, and Sponsor s authorities to successfully navigate the Sponsor s accreditation process for all systems
Performing Nessus scans and interpreting the results
Maintaining a robust library of documentation, to include network diagrams for cyber defense capabilities and sensors, and making documentation available to all personnel with appropriate need-to-know
Maintaining, updating, and conducting routine vulnerability scanning across all Sponsor networks
Maintaining system baselines and configuration management items, including security event monitoring policies
Working with all stakeholders to ensure complete and functioning systems that meet all requirements
Ensuring all network defense capabilities are kept current, patched, and securely configured, and the management is informed of status
Analyzing data flows into, out of, and across Sponsor networks to identify and rectify any security gaps
Recommending, and when approved, implementing process and policy improvements
Required Experience, Skills, & Technologies Significant, demonstrated experience navigating the Sponsor's accreditation process and ICD 503 requirements, especially as it relates to creating Body of Evidence (BOE) documentation
Significant, demonstrated experience meeting security requirements in the Sponsor's environment or similar environments (prior ISSO experience)
Experience performing Nessus scans and interpreting the results
Experience working across a large team to drive a security agenda
Experience working with complex, intertwined systems and data flows
Experience inventorying complex networks, and with all facets of network documentation (security compliance, configuration management, patching, centralized authentication, removable media, etc.)
Security-focused knowledge of a wide range of diverse technologies/disciplines (networking, UNIX/Linux, Windows, Storage, Virtualization, etc.)
Experience monitoring network defense technologies and analyzing the outputs
Experience creating, maintaining, and communicating complex information technology documentation, particularly network and security documentation
Self-starter with excellent people skills - able to work across teams, organize meetings/boards, and drive change throughout an organization
Desired Experience, Skills & Technologies CISSP strongly desired
Experience with the Xacta 360 cyber risk and compliance automation tool strongly desired
Working with management, internal teams, and Sponsor s authorities to successfully navigate the Sponsor s accreditation process for all systems
Performing Nessus scans and interpreting the results
Maintaining a robust library of documentation, to include network diagrams for cyber defense capabilities and sensors, and making documentation available to all personnel with appropriate need-to-know
Maintaining, updating, and conducting routine vulnerability scanning across all Sponsor networks
Maintaining system baselines and configuration management items, including security event monitoring policies
Working with all stakeholders to ensure complete and functioning systems that meet all requirements
Ensuring all network defense capabilities are kept current, patched, and securely configured, and the management is informed of status
Analyzing data flows into, out of, and across Sponsor networks to identify and rectify any security gaps
Recommending, and when approved, implementing process and policy improvements
Required Experience, Skills, & Technologies Significant, demonstrated experience navigating the Sponsor's accreditation process and ICD 503 requirements, especially as it relates to creating Body of Evidence (BOE) documentation
Significant, demonstrated experience meeting security requirements in the Sponsor's environment or similar environments (prior ISSO experience)
Experience performing Nessus scans and interpreting the results
Experience working across a large team to drive a security agenda
Experience working with complex, intertwined systems and data flows
Experience inventorying complex networks, and with all facets of network documentation (security compliance, configuration management, patching, centralized authentication, removable media, etc.)
Security-focused knowledge of a wide range of diverse technologies/disciplines (networking, UNIX/Linux, Windows, Storage, Virtualization, etc.)
Experience monitoring network defense technologies and analyzing the outputs
Experience creating, maintaining, and communicating complex information technology documentation, particularly network and security documentation
Self-starter with excellent people skills - able to work across teams, organize meetings/boards, and drive change throughout an organization
Desired Experience, Skills & Technologies CISSP strongly desired
Experience with the Xacta 360 cyber risk and compliance automation tool strongly desired