Information Systems Security Officer

Responsibilities

• Develop and update the information system security documentation for the systems (eg Security Plan Contingency Plan Contingency Plan Test Business Impact Analysis FIPS eAuthentication Privacy Threshold Analysis etc)
  
• Ensure systems are appropriately patched and hardened
  
• Coordinate the remediation of Plan of Action and Milestones (POA&M) with various groups
  
• Facilitate and support the Ongoing Authorization Program
  
• Effectively communicate technical information to nontechnical personnel
  
• Conduct ISSO responsibilities to include the approval of change request review of audit logs review of system accounts and analysis of vulnerability scans
  
• Develop waivers & exceptions for information system vulnerabilities
  
• Work with clients to develop capabilities briefings and presentations
  
• Provide security recommendations to the Risk Management Branch Chief
  

Requirements

Requirements

years of experience in the following

• Design/implementation/consulting experience with Security Compliance and Risk Management
  
• US Government compliance and security standards including NIST FedRAMP FISMA ICD and implementing security concepts / best practices
  
• Managing Certification and Accreditation and continuous monitoring activities utilizing common control frameworks
  
• Managing the security posture of cloud environments and working with engineering teams to remediate and communicating overall risk of environment while identifying areas of improvement
  
• Risk mitigation and selecting or designing appropriate security controls for implementation
  
• Coordinating monitoring and tracking security activities across multiple organizations
  

Experience of the following

• Applying cloud security concepts requirements design development implementation and integration for existing and new technology product offerings
  
• Engineering/architecture for systems in the cloud specifically AWS Azure and/or Google
  
• Working with core services networking security groups or policy management in relation to Cloud resources across multiple operating systems
  
• Migrating or transforming legacy customer solutions to the cloud
  
• Advising customers on cloud architectures and designs meeting US Government accreditation standards
  

Desired candidate skills include the following

• Excellent oral and written communication skills for contact with customers via calls chats and email
  
• Bachelors degree in Information Systems / Information Technology Computer Science Computer Engineering Electrical Engineering related field or technical degree or years of relevant experience
  

License/Certification

• one of CASP GSEC GSLC CISSP CEH CISM CISA Security (Required)
  
• one of AWS Azure Cloud Certification (Preferred)
  

Benefits

• (k)
  
• Dental insurance
  
• Health insurance
  
• Life insurance
  
• Paid time off
  
• Tuition reimbursement
  
• Vision insurance
  

Requirements Requirements 5+ years of experience in the following: Design/implementation/consulting experience with Security, Compliance, and Risk Management US Government compliance and security standards, including NIST, FedRAMP, FISMA, ICD 503 and implementing security concepts / best practices Managing Certification and Accreditation and continuous monitoring activities utilizing common control frameworks Managing the security posture of cloud environments, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement Risk mitigation and selecting or designing appropriate security controls for implementation Coordinating, monitoring, and tracking security activities across multiple organizations Experience of the following Applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings Engineering/architecture for systems in the cloud; specifically, AWS, Azure and/or Google Working with core services, networking, security groups, or policy management in relation to Cloud resources across multiple operating systems Migrating or transforming legacy customer solutions to the cloud Advising customers on cloud architectures and designs meeting US Government accreditation standards Desired candidate skills include the following: Excellent oral and written communication skills for contact with customers via calls, chats, and email Bachelor's degree in Information Systems / Information Technology, Computer Science, Computer Engineering, Electrical Engineering, related field, or technical degree, or 4 years of relevant experience License/Certification: one of: CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, Security + (Required) one of: AWS, Azure, Cloud Certification (Preferred)