ITellect LLC
Information System Security Officer
ITellect LLC, Fort George Meade, Maryland, United States

US Citizenship Required for this Position: Yes
Relocation Assistance: No relocation assistance available
Clearance Type: Secret

General
Program level Information System Security Officer that conducts actions necessary to support the implementation of the Risk Management Framework (RMF), as well as the successful award of Authorization to Operate (ATO) through the Assessment & Authorization process.

Education and Experience
- Bachelor’s Degree
- 5+ years of experience
- Security+ or CISSP Certification required.

Responsibilities
Work closely with the DISA PM and ISSM to achieve system accreditation and maintain compliance of information systems, to include:
- Assessing RMF controls within eMASS.
- Prepare and maintain security documentation.
- Support Assessment & Authorization actions.
- Vulnerability Management on information systems, to include:
  - Documenting vulnerabilities as they are identified.
  - Tracking corrective/remediation efforts as they move through the configuration management process.
  - Documenting final remediation/fix actions.
  - Developing Plans of Action & Milestones (POA&M).
  - Validating configuration management, testing, and maintenance actions meet the Change Control RMF requirements.
- Continuous monitoring of program level compliance and the creation of compliance summary reports.
- Integration with the ISSM as a program level ISSO and provide support/updates as required to ensure the ISSM has continuous awareness of the program’s Cybersecurity posture.
- Collect and maintain data needed to meet cybersecurity reporting, to include DTO monitoring and response.
- Integration with the Security Control Assessor Representative (SCAR), and other representatives of the Risk Management Executive office, to support accurate Assessment & Authorization activities.
- Track audit findings/after action recommendations to ensure that appropriate mitigation/remediation/corrective actions are taken.
- Assist in the development and creation of Directorate and Program level Policies and Procedures.
- Assist in the determination of Cost/Benefit and Risk analyses to support PMO decisions.
- Development and implementation of executive/leadership briefs relating to Cybersecurity and/or RMF compliance.

REQUIRED QUALIFICATIONS
- Active Secret Clearance required
- Security+ or CISSP Certification required
- Knowledge of DoD’s Risk Management Framework (RMF), writing to controls within, and the identification of compelling evidence for compliance
- Knowledge of eMASS, as the official repository of RMF information
- Proficiency in developing, executing and monitoring Plan of Action and Milestones (POA&Ms) for the system
- Detailed knowledge of DISA’s Customer Interaction Center program, architecture and issues
- Minimum of 5 years of experience in working with the DISA CIC program

DESIRED QUALIFICATIONS
- Current CISSP
- Knowledge of NIST, and the publications directly related to RMF, to include NIST SP 800-53
- Previous experience working with DISA
- Knowledge of applicable STIGs, SRG, ACAS SCAN and DISA End Point Security Service (ESS)
- Previous experience as a System Administrator