BRMi

Information System Security Officer (ISSO)

BRMi, Washington, District of Columbia, US, 20022


Overview

BRMi Corp. is seeking experienced Information System Security Officer (ISSO) SMEs with experience assessing Federal agency compliance with the DHS CISA Zero Trust Maturity Framework in support of a new government program. This program will support and augment ongoing efforts to achieve, maintain, continuously improve, and integrate ZT operational capabilities and solutions across ZT pillars. The purpose of this program is to provide enhanced capabilities and integration of operational capabilities and services across ZT pillars to accelerate ZT maturity beyond its current rate, and achieve and maintain White House, OMB, and DHS ZT maturity goals over the next three years.

The ISSO will support the security activities associated with evaluating, assessing, implementing, and managing security practices and continued operations of new and existing technologies for assigned systems in a Zero Trust environment. ISSO SMEs shall perform all duties and responsibilities in accordance with NIST SP 800-37, Risk Management Framework for Information Systems and Organizations, DHS 4300A, Zero Trust Framework, FISMA and other applicable guidance.

*Can be 100% remote in TX, NJ, NC, WV, AL, VA, MD, MO, DC, GA, or FL*

*MUST BE U.S. CITIZEN*

This is a 3-year engagement.

Responsibilities

Prepare documentation to support the operations of FedRAMP requirements.

Develop briefings and presentations for Government PM and Executive Management.

Provide security recommendations.

Support Security Authorization Processes, Security Control Assessments, and Ongoing Authorization activities as required and as directed by the customer.

Provide technical security solutions and control implementation recommendations to the development teams based on industry best practice and Federal requirements.

Perform comprehensive document reviews (DR) on risk management and security operations documentation, in alignment with DHS, USCIS, Zero Trust and FISMA requirements.

Perform independent reviews of system self-assessments of Zero Trust maturity.

Perform other duties as assigned.

Qualifications

Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.

Experience with Federal Zero Trust requirements and assessing agency Zero Trust maturity in accordance with the DHS CISA Maturity Model.

Must have and maintain at least one active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, and CISA; or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis).

10+ years of experience managing IT projects and programs or specialized experience in one of the below positions: Information System Security Officer, Information System Security Engineer, Information System Security Auditor, or Information System Security Manager.

5+ years of experience with analyzing, assessing, and implementing corrective actions based on vulnerability and configuration management tools.

5+ years of experience with technical writing, administrative tasks, and conducting briefings.

Excellent customer service, analytical, problem solving, and interpersonal skills.

Ability to work independently and function as an integral part of the team.

Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected.

Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints.

Demonstrated proficiency in a vast array of cybersecurity platforms, such as: Security Information and Event Management (SIEM), Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Data Loss Prevention (DLP), Web Application Firewalls (WAF), Threat Intel, and Endpoint Security.

Advanced Microsoft Excel skills to perform extensive data mining and correlation.

Experience working with NIST SP 800-53, RMF, FISMA, and DHS policies.

Strong analytical and problem-solving skills.

Desired Skills and Qualifications:

Security experience with systems in the cloud; specifically, AWS, Google, or Azure.

Experience with CI/CD - Deployment pipeline (e.g., Jenkins, Ansible).

Ability to provide security recommendations during the change management process.

Knowledge of Twistlock, Nessus, and Burp Suite vulnerability scanners.

Ability to function as a technical and security expert across multiple project/task areas.

Ability to work on high priority, ad hoc requests such as data calls, Senior Management (CIO, CISO, etc.) Initiatives, and customer mandates.

Deep understanding of Zero Trust and Security Regulations, such as NIST Publications and OMB Memoranda.

*BRMi will not sponsor applicants for work visas for this position.*

*This is a W2 opportunity only*

EOE/Minorities/Females/Vet/Disabled

We are an equal opportunity employer that values diversity and commitment at all levels. All individuals, regardless of personal characteristics, are encouraged to apply. Employment policies and decisions on employment and promotion are based on merit, qualifications, performance, and business needs. The decisions and criteria governing the employment relationship with all employees are made in a nondiscriminatory manner, without regard to race, religion, color, national origin, sex, age, marital status, physical or mental disability, medical condition, veteran status, or any other factor determined to be unlawful by federal, state, or local statutes.

Job Locations: VA | MD | FL | TX | WV | AL | NJ | NC | GA | DC | MO...

Posted Date: 14 hours ago (9/12/2024 10:14 AM)

ID: 2024-3899

# of Openings: 1

Category: Management Consulting