Zen Strategics Llc
Senior Information Systems Security Officer
Zen Strategics Llc, Iowa, Louisiana, United States, 70647
DescriptionAbout Zen :Own your opportunity to work with a client-focused agile small business. Make an impact by advancing our government organizations charged with keeping our country safe, prosperous, and secure. Zen Strategics, LLC is a cleared, minority-owned SBA 8(a) specialized consulting firm, offering innovative Cybersecurity, Cloud Migration, and Information Technology Modernization. We are a leading organization committed to delivering innovative solutions and ensuring the highest standards of security for our customers' digital assets. We are dedicated to staying ahead of evolving cyber threats and protecting our clients' data with cutting-edge technologies and proactive security measures.Position Description :Seize your opportunity to make a personal impact as an Information Systems Security Officer, Senior. Zen is your place to make meaningful contributions to challenging projects and grow a rewarding career. As an Information Systems Security Officer, Senior, you will be responsible for leveraging your technical expertise by performing or reviewing technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies. As an ISSO, you will validate and verify system security requirements definitions and analysis, as well as establish system security designs.Responsibilities :As an Information Systems Security Officer, Senior, you’ll be Zen’s expert, designing, developing, implementing, and/or integrating IA and security systems and system components, including those for networking, computing, and enclave environments such as those with multiple enclaves and with differing data protection and classification requirements. You will assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of OCIO security policy and enterprise solutions. You will support the building of security architectures and enforce the design and implementation of trusted relations among external systems and architectures. You will assess and mitigate system security threats and risks throughout the program life cycle, contribute to security planning, assessment, risk analysis, risk management, and certification and awareness activities for system and networking operations. You will review certification and accreditation (C&A) documentation and provide feedback on completeness and compliance of its content. You will participate as a security engineering representative on engineering teams for the design, development, implementation and/or integration of IA architectures, systems, or system components. You will apply knowledge of IA policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments. You will interact with the customer and other project team members, supporting the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures. You will provide and support security planning, assessment, risk analysis, and risk management, identify overall security requirements for the proper handling of Government data, and recommend system-level solutions to resolve security requirements. You will support security authorization activities in compliance with the NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering.Required Education/Qualifications:Education:
BS in Information Technology, Computer Engineering, or Cybersecurity preferredExperience:
Knowledge of DOC and NOAA OCIO security policies and implementation standards or those of similar sized organizations AND comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing Standards. At least 5 years of recent experience (within the last 6 years) in applying IT security concepts, methodologies, principles, procedures and using industry-standard IT security tools.Expertise in applying system security engineering in:System security design processEngineering life cycleInformation domainCross domain solutionsCommercial off-the-shelf (COTS) and Government off-the-shelf (GOTS)CryptographyIdentificationAuthentication and authorization (A&A)System integrationRisk managementIntrusion detectionContingency planningIncident handlingConfiguration controlChange managementAuditingCertification and accreditation (C&A) processPrinciples of IA (confidentiality, integrity, non-repudiation, availability, and access control)Security testingUS Citizenship Required .Certifications:
Must possess at least one IASAE II level professional certification:CASP CE – CompTIA Advanced Security PractitionerCISSP (or Associate) ISC2 - Certified Information Systems Security ProfessionalCSSLP ISC2 – Certified Secure Software Lifecycle ProfessionalIASAE III Level, at least one preferredCISSP-ISSAP – ISC2 CISSP Information Systems Security Architecture ProfessionalCISSP-ISSEP – ISC2 CISSP Information Systems Security Engineering ProfessionalIf you do not possess one of the certifications above, you must provide documentation showing you have already taken training and copy of examination scheduled. You must pass the exam prior to joining Zen Strategics.Strong written and verbal communication and collaborative team interpersonal skills.Proficiency in handling multiple tasks concurrently.Successful completion of background investigation without any adverse findings is required. Knowledge of and experience with the technical and administrative information system security requirements for high impact, high availability systems in government organizations is required.
#J-18808-Ljbffr
BS in Information Technology, Computer Engineering, or Cybersecurity preferredExperience:
Knowledge of DOC and NOAA OCIO security policies and implementation standards or those of similar sized organizations AND comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing Standards. At least 5 years of recent experience (within the last 6 years) in applying IT security concepts, methodologies, principles, procedures and using industry-standard IT security tools.Expertise in applying system security engineering in:System security design processEngineering life cycleInformation domainCross domain solutionsCommercial off-the-shelf (COTS) and Government off-the-shelf (GOTS)CryptographyIdentificationAuthentication and authorization (A&A)System integrationRisk managementIntrusion detectionContingency planningIncident handlingConfiguration controlChange managementAuditingCertification and accreditation (C&A) processPrinciples of IA (confidentiality, integrity, non-repudiation, availability, and access control)Security testingUS Citizenship Required .Certifications:
Must possess at least one IASAE II level professional certification:CASP CE – CompTIA Advanced Security PractitionerCISSP (or Associate) ISC2 - Certified Information Systems Security ProfessionalCSSLP ISC2 – Certified Secure Software Lifecycle ProfessionalIASAE III Level, at least one preferredCISSP-ISSAP – ISC2 CISSP Information Systems Security Architecture ProfessionalCISSP-ISSEP – ISC2 CISSP Information Systems Security Engineering ProfessionalIf you do not possess one of the certifications above, you must provide documentation showing you have already taken training and copy of examination scheduled. You must pass the exam prior to joining Zen Strategics.Strong written and verbal communication and collaborative team interpersonal skills.Proficiency in handling multiple tasks concurrently.Successful completion of background investigation without any adverse findings is required. Knowledge of and experience with the technical and administrative information system security requirements for high impact, high availability systems in government organizations is required.
#J-18808-Ljbffr