Logo
Chugach Government Solutions, LLC

INFORMATION SYSTEM SECURITY OFFICER (ISSO)

Chugach Government Solutions, LLC, Reston, Virginia, United States, 22090


About Us

When you work at Chugach Government Solutions (CGS), you join a proud legacy of supporting missions while sustaining culture.The federal division of Chugach Alaska Corporation, CGS has been supporting critical missions as a government contractor for over 25 years. Our focus is to support facility maintenance, IT/technical services, construction and education. We are proud to have built, and continue to foster, an incredibly talented team spanning across the globe in hundreds of different fields - each team member proud to serve our country with first-class business services, while also making a difference for our Chugach shareholders.At CGS, empowering employees is a part of our core, and that focus is one of the ways we build and foster high-performing teams. We empower our employees through competitive compensation and benefits package, professional growth opportunities, truthful communication, and more!If you are looking for an opportunity to serve something bigger than yourself; if you want your day job to be one that creates meaningful value; if you are looking for an environment that highly values employees and respects individual differences - then Chugach Government Solutions may be the right fit for you!Job Overview

The Information System Security Officer will focus on maturing and enhancing Chugach Government Solutions (CGS) cybersecurity audit, compliance, and awareness programs. This position is crucial for ensuring our cybersecurity posture aligns with best practices and regulatory standards. It will be primarily responsible for the organization and execution of cybersecurity and government rules and regulations such as the Cyber Maturity Model Certification (CMMC) and Federal Acquisition Regulations (FAR). The individual will be responsible for the management and operation of enterprise-wide security controls; enabling the business to operate securely, protect its people, defend its assets, and preserve shareholder value. This role coordinates assessments and security monitoring to uphold the function across information technology (IT), Lines of Business, and other administration functions across CGS. The position will understand cyber risks to the business and develop engaging and timely cyber awareness content and promote a cybersecurity-focused culture.Work Model: HybridResponsibilities

Essential Duties & Job Functions:

Serves as the principal manager for the ongoing execution, implementation, and monitoring of the CMMC program and other applicable regulatory standards.Ensures the rigorous application of information security/information assurance policies, principles, and practices to the delivery of enterprise solutions and services.Plan, implement and upgrade security measures and controls.Perform vulnerability testing, risk analyses and security assessments.Conduct internal and external security audits.Creates, reviews and updates compliance frameworks tailored to the company via policies, standards, procedures, and controls.Travels to project site locations to assess compliance with applicable cyber standards.Train fellow employees in security awareness and procedures.Increases the level of maturity in risk management and controls.Develop and execute a master audit schedule.Lead and conduct audit meetings as required in coordination with supervisor.Assess audit findings against applicable criteria to validate and review reports; review conclusions and recommendations before supervisory approval.Integrate critical analysis, to conduct audit assignments; apply auditing principles to achieve outcomes.Performs other duties as assigned.Communication & Stakeholder Management:Collaborates with other Security teams to improve and scale cyber governance.Implement strategy for security audits in coordination with compliance, system teams, executive teams, and other key stakeholders.Provides training and guidance within the company on secure governance frameworks, business processes, architecture design, and risk technical controls.

Job Requirements

Mandatory:

Bachelor's Degree in business information systems (IS), computer science, technology, engineering, or another related field.Five (5) years of experience in information security, cybersecurity, or related roles, two of which had a primary focus in Governance, Risk, and Compliance (GRC).Must currently hold or be able to obtain a DoD 8140 - (612) Advanced certification within six (6) months of hire.Knowledge of common information security management frameworks, such as CMMC, ITIL, ISO as well as those from NIST, including 800-53, Cybersecurity Framework, and 800-171.Hands-on experience troubleshooting hardware and system software.Must be able to speak, read, and comprehend English to perform contract requirements and comply with emergency procedures.Ability to pass any employment background checks and/or drug testing required on the contract.Valid state Driver's License with acceptable driving record pertinent to the position.Ability to obtain and maintain a U.S. Government National Agency Check (NAC) clearance and/or security clearance if required.Travel up to 25% of the time.Reasonable Accommodation:

CGS will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Chugach Government Solutions or any of its subsidiaries, please email ada@chugachgov.comEqual Employment Opportunity:Chugach is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, pregnancy, disability, genetic factors, protected veteran status or other characteristics protected by law.