Information Systems Security Officer
Warrenton, Virginia
Employer: Jacobs
Industry: Information Technology
Salary: Competitive
Job type: Full-Time
The mission of the Lone Wolf Team is to support, operate, and maintain a DoD provided, integrated voice, video, and data global communications network that facilitates collaboration among senior leaders and key staff.
As a Senior Information Systems Security Officer, you will serve as the subject matter expert with a focus on cybersecurity risk management and governance, including the integration of cyber disciplines, such as mission assurance and supply chain risk management. You will work closely with the Cybersecurity Manager, Information Systems Security Engineers, and Systems/Network Engineers to ensure approaches, constraints, and perspectives are fully recommended and considered in risk management and policy decisions. Analyze the development of strategy, policy, governance, and implementation guidance recommendations to more closely integrate cybersecurity disciplines to enable a holistic risk management approach.
The Senior Information Systems Security Officer will also perform Risk Management Framework (RMF) Assessment and Authorization (A&A) responsibilities. Develop the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements. Evaluate test results, analyze risk, and develop security assessment documentation to support accreditation decisions. Create a risk mitigation strategy and ensure security configurations are maintained in accordance with DoD mandated policies. Interpret RMF guidance from Authorizing Officials for clients and provide information and input for the preparation of accreditation packages. Assess the applicability of emergent vulnerabilities to individual systems and technologies.
Responsibilities:
#divergent
Preferred:
As a Senior Information Systems Security Officer, you will serve as the subject matter expert with a focus on cybersecurity risk management and governance, including the integration of cyber disciplines, such as mission assurance and supply chain risk management. You will work closely with the Cybersecurity Manager, Information Systems Security Engineers, and Systems/Network Engineers to ensure approaches, constraints, and perspectives are fully recommended and considered in risk management and policy decisions. Analyze the development of strategy, policy, governance, and implementation guidance recommendations to more closely integrate cybersecurity disciplines to enable a holistic risk management approach.
The Senior Information Systems Security Officer will also perform Risk Management Framework (RMF) Assessment and Authorization (A&A) responsibilities. Develop the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements. Evaluate test results, analyze risk, and develop security assessment documentation to support accreditation decisions. Create a risk mitigation strategy and ensure security configurations are maintained in accordance with DoD mandated policies. Interpret RMF guidance from Authorizing Officials for clients and provide information and input for the preparation of accreditation packages. Assess the applicability of emergent vulnerabilities to individual systems and technologies.
Responsibilities:
- Lead the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF.
- Complete Security Authorization packages, to include System Security Plans, Security Assessment Reports, POA&M summaries and a Continuous Monitoring Plan/assessment schedule, and present executive briefing to senior management.
- Ensure security risk assessments are conducted as appropriate on any system upgrades, software/hardware changes, etc.
- Ensure security authorization boundaries are properly defined and captured in the system security plans, and that all interconnection agreements are in place and current.
- Ensure system security controls contain accurate implementation statements and assessments results, and that appropriate artifacts are completed to support findings provide hands-on assistance as appropriate.
- Ensure POA&Ms have appropriate milestones, accurate description of the weaknesses and remediation, estimated cost to completion and realistic due dates providing hands-on assistance to components as necessary
- Maintain day-to-day security posture and continuous monitoring of all Information Systems.
- Review system vulnerability scans, verify implementation of DISA STIG's, and ensure other security relevant information system configuration tasks are completed.
- Perform test/evaluation of required technical security controls including performing certification tests and periodic inspections of information systems.
- Develop and conduct test procedures for verification Assessment and Authorization (A&A), Risk Management Framework (RMF) safeguards to meet customer requirements based NIST publications.
- Assess changes to an IS by performing periodic self-inspections, tests, and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities.
#divergent
- Active TS/SCI Clearance
- Bachelor's degree in a related field required
- Minimum of 8 years of directly related experience
- Must meet DoD 8570.01-M IAT-II or IAM-I baseline certification requirements such as Security + or equivalent.
- Experience with Microsoft Office applications such as Excel, Word, and Outlook.
- Experience in development of technical documentation to include artifacts required to support Assessment & Authorization (A&A) under the Risk Management Framework.
- Experience with security configurations across multiple operating systems in various environments, to include Windows, Linux, UNIX, utilizing Active Directory/Group Policy.
- In-depth knowledge of Microsoft Windows OS (client and server); familiarity with Red Hat Enterprise Linux (RHEL) desired.
- Experience in development of technical documentation to include artifacts required to support Assessment & Authorization (A&A) under the Risk Management Framework.
- Experience with eMASS, XACTA, ACAS/NESSUS, Trellix, and Splunk.
- Experience with risk managed downloads, IS sanitization and destruction, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management.
- Experience with developing IT policy, guidance, or procedure documentation supporting cybersecurity accreditations.
- Experience with analyzing, assessing, or implementing NIST SP 800-53 security controls, CCIs, and associated assessment procedures.
- Experience with developing and presenting complex technical information for technical and non-technical audiences.
- Expert familiarity with RMF.
- Excellent written and communication skills.
Preferred:
- Previous supervision and/or participation with cybersecurity Assessment and Authorizations.
- Ability to provide hands-on cyber security tool assistance as necessary.
- Familiarity with cybersecurity tool suite; ForeScout, Avanti, and HBSS
Created: 2024-06-29
Reference: CIS000237
Country: United States
State: Virginia
City: Warrenton
Similar jobs:
-
Information Systems Security Officer (ISSO)
Mission Essential Intelligence Solutions in Fairfax, Virginia -
2024 School Security Officer JOB FAIR
Chesterfield County Public Schools in Chesterfield, Virginia💸 $36000 - $45258. per year -
Security Officer
Wegmans in Ashland, Virginia -
Security Officer (Armed)
Paragon Systems Inc. in Harrisonburg, Virginia -
Cleared Security Officer
Paragon Systems Inc. in Reston, Virginia💸 $20.50 - $25.00 per hour -
School Security Officer - Secondary
Henrico County Virginia in Henrico, Virginia💸 $33470.00 per year -
Mid-Level Task Security Officer (TS/SCI) | Springfield (ALEN-D29HPQ)
Computer Systems Center Incorporated in Springfield, Virginia -
Information Systems Security Officer/Systems Administrator
Leidos Holding in Remote, Virginia -
SECURITY OFFICER
Defense Technical Information Center in Fort Belvoir, Virginia -
Information System Security Officer Senior (TS/SCI)-Alexandria, VA
iSenpai in Alexandria, Virginia -
Security Officer (Armed)
Paragon Systems Inc. in Suffolk, Virginia -
Cleared Security Officer - TS/SCI W/ Poly
Paragon Systems Inc. in Manassas, Virginia💸 $39 per hour -
School Security Officer - Secondary
Henrico County Virginia in Henrico, Virginia💸 $33470.00 per year -
Security Officer/Guard - PRN
Lifepoint Health in Galax, Virginia -
FPS Supervisor Protective Security Officer
Koniag Government Services in Quantico, Virginia -
Information Systems Security Officer (ISSO) Support
Nana Regional Corporation in Langley Air Force Base, Virginia -
Part-Time Weekend Security Officer ($35/hr) TS with SCI eligibility
Nana Regional Corporation in Reston, Virginia💸 $35 per hour -
COMSEC Officer, Information Security
Amazon in Arlington, Virginia -
Unarmed Security Officer
Virginia Jobs in Fairfax County, Virginia💸 $24 per hour -
Security Officer Full Time Armed
Transforce in Herndon, Virginia💸 $25.08 per hour