Two Six Technologies
Information Systems Security Officer (ISSO)
Two Six Technologies, Tysons Corner, Virginia, United States,
Information Systems Security Officer (ISSO)
Two Six TechnologiesAdvancing safety and trust on matters of global importance.At Two Six Technologies, we build, deploy, and implement innovative products that solve the world’s most complex challenges today. Through unrivaled collaboration and unwavering trust, we push the boundaries of what’s possible to empower our team and support our customers in building a safer global future.JOB DESCRIPTIONMembers of the ISSO team support the assessment and authorization (A&A) process for information systems. The successful candidate will have requisite cyber security experience with methods and tools used to improve the security posture of critical systems such as identifying risks, vulnerabilities, anomalies, patching, auditing, automation, security hardening, best practices, and evaluating system changes. In addition, the candidate will collaborate with developers and engineers on projects to create a secure hybrid-cloud environment.QUALIFICATIONSBachelor’s degree in Cybersecurity, IT, or other related technical disciplineMinimum eight (8) years applied experience or relevant degree plus 5 years of Cybersecurity expertise with demonstrated ability to successfully shepherd IT projects of varying types through the authorization lifecycleREQUIRED KNOWLEDGE/SKILLSStrong verbal and written communication/cooperation within a team contextSupported control implementation assessment and reporting and monitoring processes using cyber security and assessment management systemsUnderstanding of perimeter controls (firewalls), access control mechanisms, and network architecturesDemonstrated essential understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows)Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alertingStrong understanding of methodologies for researching and documenting software and hardware vulnerabilitiesExperienced working closely with stakeholders, developers, and external teams, including customer security managers (ISSMs), organizational leadership, and key personnelApplied experience with the customer’s assessment and authorization tracking toolsKnowledgeable regarding Common Control Provider (CCP) requirements and methodologyDemonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS and IPS, etc.Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customerDemonstrated experience with the design and implementation of defense-in-depth solutionsSkilled in cross-team collaboration and effective communication to fulfill specific authorization requirementsDemonstrated skill documenting processes and procedures in CONOPS and system security, contingency, configuration management and other plansDemonstrated ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waiversExperience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirement as documented in NIST 800-53 and its revisionsExtensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.Demonstrated experience with security, monitoring and auditing cloud-based technologies, products and services, such as Amazon Web Services (AWS) or Microsoft AzureKnowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval toolsAbility to work within fast-paced customer environmentsDESIRED SKILLSExperience in scripting/program languages such as Bash, PowerShell, or PythonSecurity Clearance:
Active TS/SCI w/Polygraph requiredReady to make the first move towards growing your career? If so, check out the Two Six Technologies Candidate Journey! This will give you step-by-step directions on applying, what to expect during the application process, information about our rich benefits and perks along with our most frequently asked questions.Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable law.If you are an individual with a disability and would like to request reasonable workplace accommodation for any part of our employment process, please send an email to accommodations@twosixtech.com. Information provided will be kept confidential and used only to the extent required to provide needed reasonable accommodations.Additionally, please be advised that this business uses E-Verify in its hiring practices.By submitting the following application, I hereby certify that to the best of my knowledge, the information provided is true and accurate.
#J-18808-Ljbffr
Two Six TechnologiesAdvancing safety and trust on matters of global importance.At Two Six Technologies, we build, deploy, and implement innovative products that solve the world’s most complex challenges today. Through unrivaled collaboration and unwavering trust, we push the boundaries of what’s possible to empower our team and support our customers in building a safer global future.JOB DESCRIPTIONMembers of the ISSO team support the assessment and authorization (A&A) process for information systems. The successful candidate will have requisite cyber security experience with methods and tools used to improve the security posture of critical systems such as identifying risks, vulnerabilities, anomalies, patching, auditing, automation, security hardening, best practices, and evaluating system changes. In addition, the candidate will collaborate with developers and engineers on projects to create a secure hybrid-cloud environment.QUALIFICATIONSBachelor’s degree in Cybersecurity, IT, or other related technical disciplineMinimum eight (8) years applied experience or relevant degree plus 5 years of Cybersecurity expertise with demonstrated ability to successfully shepherd IT projects of varying types through the authorization lifecycleREQUIRED KNOWLEDGE/SKILLSStrong verbal and written communication/cooperation within a team contextSupported control implementation assessment and reporting and monitoring processes using cyber security and assessment management systemsUnderstanding of perimeter controls (firewalls), access control mechanisms, and network architecturesDemonstrated essential understanding of methods for hardening operating systems (e.g., CentOS, RedHat, Windows)Skilled with and/or demonstrated technical aptitude with vulnerability and risk assessment tools such as Elasticsearch or Splunk SIEMs, Rapid7 Nexpose, and IDS/IPS monitoring and alertingStrong understanding of methodologies for researching and documenting software and hardware vulnerabilitiesExperienced working closely with stakeholders, developers, and external teams, including customer security managers (ISSMs), organizational leadership, and key personnelApplied experience with the customer’s assessment and authorization tracking toolsKnowledgeable regarding Common Control Provider (CCP) requirements and methodologyDemonstrated knowledge and experience with networking topologies and hardware, including commonly used/referenced network devices, IDS and IPS, etc.Applied experience with open-source and commercial tools and systems such as nmap, Nessus, Rapid7, Splunk, Nipper, Elasticsearch, Jira, Confluence, Cisco, VMware, Citrix, or Trellix, as well as GOTS tools used by the customerDemonstrated experience with the design and implementation of defense-in-depth solutionsSkilled in cross-team collaboration and effective communication to fulfill specific authorization requirementsDemonstrated skill documenting processes and procedures in CONOPS and system security, contingency, configuration management and other plansDemonstrated ability to facilitate customer concurrences required for risk-based decisions, especially those requiring waiversExperience assisting the customer with decisions impacting the security posture and compliance of their systems and networks with requirement as documented in NIST 800-53 and its revisionsExtensive familiarity with communications protocols, such as TCP/IP, UDP, HTTP/S, SSH, LDAP, etc.Demonstrated experience with security, monitoring and auditing cloud-based technologies, products and services, such as Amazon Web Services (AWS) or Microsoft AzureKnowledge of the customer's organization, their network systems and infrastructure, processes and procedures, and request and approval toolsAbility to work within fast-paced customer environmentsDESIRED SKILLSExperience in scripting/program languages such as Bash, PowerShell, or PythonSecurity Clearance:
Active TS/SCI w/Polygraph requiredReady to make the first move towards growing your career? If so, check out the Two Six Technologies Candidate Journey! This will give you step-by-step directions on applying, what to expect during the application process, information about our rich benefits and perks along with our most frequently asked questions.Two Six Technologies is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices based on race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, marital status, disability, genetic information, and protected veteran status or any other characteristic protected by applicable law.If you are an individual with a disability and would like to request reasonable workplace accommodation for any part of our employment process, please send an email to accommodations@twosixtech.com. Information provided will be kept confidential and used only to the extent required to provide needed reasonable accommodations.Additionally, please be advised that this business uses E-Verify in its hiring practices.By submitting the following application, I hereby certify that to the best of my knowledge, the information provided is true and accurate.
#J-18808-Ljbffr