Logo
Envisioneering Inc

Information System Security Officer - (ISSO)

Envisioneering Inc, Washington, District of Columbia, us, 20022


Information System Security Officer - (ISSO) - (45)

This details all the information about the job posting.Job Title:

Information System Security Officer - (ISSO)Location:

Washington, DC 20375 US (Primary)Job Type:

Full-TimeEducation:

Bachelor's DegreeTravel Requirement:

0 - 25%Minimum Security Clearance Required:

TSJob Description:Envisioneering, Inc. is seeking an Information Systems Security Officer (ISSO) to support an active government contract. This position will be responsible for the following:Lead the RMF process for assigned programs, organizations, systems, or enclaves.Maintain and report system’s A&A status and events.Manage the SP for assigned systems throughout their lifecycle.Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.Assist with identification of the security control baseline set and any applicable overlays.Supervise the validation of security controls with the PM/ISO, SCA Liaison, PSO, and AO CSA.Assemble the Security Authorization Package and submit for adjudication.Register and maintain the system in eMASS.Assess the quality of security control implementation against all requirements in accordance with the approved SLCM strategy.Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.Report changes in the security posture of systems to the AO.Utilize the Collaboration Board in eMASS workflow for all formal coordination during the RMF process.Assist the ISSMs in executing their duties and responsibilities.Ensure compliance with all USN, DON, and DoD cybersecurity policies.Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.Assist the ISSE with the following responsibilities:Oversee the development and maintenance of a system’s cybersecurity solutions.Identify AO and SCA cognizance of the system as well as any specific authorization requirements.Identify mission criticality.Identify and tailor the security control baseline with applicable overlays.Assist with development, maintenance, and tracking of the SP.Lead the security control implementation and testing efforts.Perform vulnerability-level risk assessment on the POA&M/RISK Assessment Worksheet.Assist with any security testing required as part of A&A or annual reviews.Assist in the mitigation and closure of open vulnerabilities under the system’s change control process.Oversee cybersecurity testing to assess security controls and recording security control compliance status during the continuous monitoring phase of the lifecycle.Assist the ISSM with the following responsibilities:Support necessary compliance activities.Continuously validate the organization against policies and guidelines to ensure compliance.Acquire and manage the necessary resources to support information technology (IT) security goals and objectives.Advise senior management on risk levels and security posture.Collect and maintain data needed to meet system cybersecurity reporting.Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.Ensure security improvement actions are evaluated, validated, and implemented as required.Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.Manage the monitoring of information security data sources to maintain organizational situational awareness.MINIMUM SKILLS / QUALIFICATIONS:Must have and maintain a DoD Top Secret Clearance.15+ years of technical and managerial experience in system administration and information security/cybersecurity.CISSP, CISM, or other DOD 8570.01-M IAM Level 3 certification.Bachelor’s degree with a concentration in a related discipline.Self-motivated and the ability to multi-task and balance multiple goals and priorities.Familiar with DOD Risk Management Framework (RMF) policies and associated tools.SALARY RANGE:

$150,000.00 - $180,000.00Benefits:

Envisioneering, Inc. offers a stable work environment, a competitive salary, and a comprehensive benefits package.As a condition of employment:

You must pass a drug and pre-employment drug screening. U.S. Citizenship Required.Envisioneering Inc. is an Equal Opportunity Employer that does not discriminate on the basis of any characteristic protected by applicable laws.

#J-18808-Ljbffr