IT Concepts Inc.
Senior Information Security System Engineer (ISSE) Analyst
IT Concepts Inc., Woodlawn, Maryland, United States,
Senior Information Security System Engineer (ISSE) Analyst
Founded in 2003, IT Concepts’ core values – customer-centricity, teamwork, driven to deliver, innovation, and integrity – ensure we work together to be the best, realize objectives, and make a positive impact in our communities. We bring our design thinking problem-solving approach that challenges assumptions, prioritizes curiosity, and invites complexity to deliver innovative, efficient, and effective solutions. We are looking for driven and innovative individuals to join our team.IT Concepts, INC. (ITC) is seeking an experienced Senior Information Security System Engineer to support the Social Security Administration’s Information System Security Officer (ISSO) and the Office of Information Security (OIS) in coordinating and assessing the protection of SSA information and information management assets. We are looking for a candidate who possesses a profound grasp of the NIST Risk Management Framework (RMF) and experience in evaluating risk based on the RMF, along with effectively communicating feedback to stakeholders. A solid understanding of the NIST Cybersecurity Framework (CSF) version 2.0 is crucial.Location: Hybrid (As requested)
Responsibilities:Creating new documentation and updating existing documentation with input from stakeholders utilizing SSA’s GRC tool, following the appropriate steps in the Risk Management Framework.Work with stakeholders to understand and sign ATO documentation.Support the ISSO in developing a standardized methodology to transition from NIST SP 800-53 Rev. 4 to NIST SP 800-53 Rev. 5 for compliance.Train ISSO team on tool use and project plan expectations.Provide guidance outlining Common Control Provider (CCP) qualification and assist in updates.Identify CCP gaps and overlaps while clarifying qualifications for what should be a CCP.Update documentation for better understanding of control inheritance selection.Expand ISSO toolset and capabilities to keep stakeholders engaged during the ATO process.Escalate issues such as overdue POMS, upcoming assessments, and major security changes.Provide ISSO program refinement by recommending areas for standardization to ensure quality of services.Publish updated guidance and tools for regular use to standardize ISSO approach to ATO support efforts.Provide regular updates as part of status reporting.RequirementsBachelor's degree in Computer Science, Information Technology, or a related field.5+ years of experience in risk management and completing systems assessments, preferably in the cybersecurity domain.Deep understanding of the NIST SP 800-37 Risk Management Framework and NIST SP 800-53 Security and Privacy Controls for Information Systems and Organizations Rev.4 and Rev. 5 updates.Experience conducting Security Control Assessments.Knowledge of Federal level Information Security Policies and Requirements (e.g. OMB, NIST, FISMA, FedRAMP, HIPAA, etc.).Excellent written and verbal communication skills.Knowledge of cyber threats and vulnerabilities.Ability to effectively communicate technical cybersecurity concepts to non-technical stakeholders.Ability to author system security plans with minimal oversight while gaining feedback from stakeholders.Skills in preparing drafts, technical reports, plans, and related correspondence.Ability to work effectively both independently and as part of a team.Strong analytical and problem-solving skills.Preferred:Must be able to obtain and maintain Public Trust clearance.The CompanyWe believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015) and two CMMI ML 3 ratings (DEV and SVC).How to ApplyTo apply to IT Concept Positions- Please click on the: “Apply for this Job” button at the bottom of this Job Description or the button at the top: “Application.” Please upload your resume and complete all the application steps. You must submit the application for IT Concepts to consider you for a position.AccommodationsReasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email careers@useitc.com.
#J-18808-Ljbffr
Founded in 2003, IT Concepts’ core values – customer-centricity, teamwork, driven to deliver, innovation, and integrity – ensure we work together to be the best, realize objectives, and make a positive impact in our communities. We bring our design thinking problem-solving approach that challenges assumptions, prioritizes curiosity, and invites complexity to deliver innovative, efficient, and effective solutions. We are looking for driven and innovative individuals to join our team.IT Concepts, INC. (ITC) is seeking an experienced Senior Information Security System Engineer to support the Social Security Administration’s Information System Security Officer (ISSO) and the Office of Information Security (OIS) in coordinating and assessing the protection of SSA information and information management assets. We are looking for a candidate who possesses a profound grasp of the NIST Risk Management Framework (RMF) and experience in evaluating risk based on the RMF, along with effectively communicating feedback to stakeholders. A solid understanding of the NIST Cybersecurity Framework (CSF) version 2.0 is crucial.Location: Hybrid (As requested)
Responsibilities:Creating new documentation and updating existing documentation with input from stakeholders utilizing SSA’s GRC tool, following the appropriate steps in the Risk Management Framework.Work with stakeholders to understand and sign ATO documentation.Support the ISSO in developing a standardized methodology to transition from NIST SP 800-53 Rev. 4 to NIST SP 800-53 Rev. 5 for compliance.Train ISSO team on tool use and project plan expectations.Provide guidance outlining Common Control Provider (CCP) qualification and assist in updates.Identify CCP gaps and overlaps while clarifying qualifications for what should be a CCP.Update documentation for better understanding of control inheritance selection.Expand ISSO toolset and capabilities to keep stakeholders engaged during the ATO process.Escalate issues such as overdue POMS, upcoming assessments, and major security changes.Provide ISSO program refinement by recommending areas for standardization to ensure quality of services.Publish updated guidance and tools for regular use to standardize ISSO approach to ATO support efforts.Provide regular updates as part of status reporting.RequirementsBachelor's degree in Computer Science, Information Technology, or a related field.5+ years of experience in risk management and completing systems assessments, preferably in the cybersecurity domain.Deep understanding of the NIST SP 800-37 Risk Management Framework and NIST SP 800-53 Security and Privacy Controls for Information Systems and Organizations Rev.4 and Rev. 5 updates.Experience conducting Security Control Assessments.Knowledge of Federal level Information Security Policies and Requirements (e.g. OMB, NIST, FISMA, FedRAMP, HIPAA, etc.).Excellent written and verbal communication skills.Knowledge of cyber threats and vulnerabilities.Ability to effectively communicate technical cybersecurity concepts to non-technical stakeholders.Ability to author system security plans with minimal oversight while gaining feedback from stakeholders.Skills in preparing drafts, technical reports, plans, and related correspondence.Ability to work effectively both independently and as part of a team.Strong analytical and problem-solving skills.Preferred:Must be able to obtain and maintain Public Trust clearance.The CompanyWe believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015) and two CMMI ML 3 ratings (DEV and SVC).How to ApplyTo apply to IT Concept Positions- Please click on the: “Apply for this Job” button at the bottom of this Job Description or the button at the top: “Application.” Please upload your resume and complete all the application steps. You must submit the application for IT Concepts to consider you for a position.AccommodationsReasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email careers@useitc.com.
#J-18808-Ljbffr