Information Systems Security Officer - Military veterans preferred

2020-02-04
SAIC (www.saic.com)
Other

/yr

  full-time   employee


Chantilly
Virginia
20151
United States

Description

SAIC is seeking an immediate placement of a highly qualified Information Systems Security Officer (ISSO) to lead the Assessment and Authorization (A&A) for multiple mission systems, ranging from test systems to time critical, high availability operational systems. The ISSO must be proficient in standard A&A activities, security risk mitigation strategies and processes.  The candidate will generate and maintain the complete security body of evidence (BoE), in coordination with a team of technical SMEs, while leading the A&A activities according to the Risk Management Framework (RMF). Must be motivated self-starter that can take on a variety of task supporting multiple systems though the ICD 503 RMF process.

    

As the ISSO, you will work closely with and under the direction of the Information Systems Security Manager (ISSM) and the Government sponsor. This is a multi-tasking environment that demands customer service, communication, and organizational skills. A successful candidate will be motivated, results-oriented and have a willingness to learn. The ISSO will maintain the operational security posture to ensure information systems (IS) security policies, standards, and procedures are established and followed. 

Job Duties Include: 

 

  • Provide continuous monitoring to enforce client security policy and procedures and create processes that will provide increased visibility to system owners on impacts to the security posture of systems.
  • Ensure system security measures comply with applicable government policies.
  • Monitor configuration management changes and assess the impact of modifications and vulnerabilities for each system.
  • Ensure that system security requirements are addressed throughout the project and system lifecycle.
  • Ensure effective controls and processes are in place and working effectively to maintain a strong system security posture.
  • Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities.
  • Review system security A&A package submissions for consistency, completeness and traceability ensuring compliance.
  • Develop, maintain, and facilitate the appropriate closure of POA&Ms and facilitate with the Agency ISSM any related remediation activities.
  • Demonstrated strong oral and written communication and presentation skills.
  • Attention to detail coupled with effective analytical and problem-solving aptitude.
  • Ability to diplomatically and effectively deal with government officials and program office stakeholders.
  • Ability to communicate clearly and present information to the customer in a format they can understand.
  • Gain familiarization and knowledge of the operations environment / center.
  • In a surge capacity, provide support to the operations center when necessary, supplementing Tier 2 and Tier 3 personnel.
  • Ability to support occasional non-standard business hours.
  • Ability for local travel in WMA to support meetings and visit customer facilities.

 

Qualifications

  • Clearance required: Active TS/SCI with poly

  • 9+ years of experience in a broad range of assignments in technical ISSO tasks and a Bachelor’s degree

  • Excellent communication skills (verbal and written)
  • Experience editing and writing reports/documents
  • Ability to work independently, as well as collaboratively, in a fast-paced, deadline-driven, environment
  • Excellent interpersonal skills working in a team environment, and attention to detail
  • Ability to comfortably and professionally interact with individuals at all levels of the organization
  • Superior ability to facilitate communication and coordination among federal partners, organizations, and working groups
  • Security + certification

Desired Qualifications

 
  • Bachelor’s degree in computer science, programming or a related field
  • Experience with gaining ATD and ATO for systems up to INT C data protection levels
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Risk and Information Systems Controller (CRISC)
  • Certified Ethical Hacker (CEH)
  • Global Information Assurance Certification (GIAC) and GIAC Security Essentials