Information System Security Officer - CLEARED
Company: RightDirection Technology Solutions
Location: Washington
Posted on: August 7, 2022
|
|
Job Description:
RDTS is seeking an experienced Information System Security
Officer (ISSO) to provide Systems Assessment and Authorization
support to the US Department of the Treasury's Departmental Offices
(DO), Office of the Chief Information Officer (OCIO).
This position requires both the technical ability to provide
independent assessments and plans for current enterprise
applications and systems; and the interpersonal skills to oversee
effective inter/intra-departmental collaborations to ensure
effective operations. Personnel selected for this role will work
with RDTS leadership to oversee the program and Government
personnel to develop plan based on scheduled system and application
analysis to meet mission needs of the Department of Treasury
DO.
Duties and Responsibilities:
The overall duties and responsibility for this position are to
perform a security assessment (either full or partial) on each
system (up to nine systems) assigned in the Enterprise Applications
Cybersecurity portfolio.
The list of systems requiring security assessments will be provided
by the Program Manager and Government Lead based on the current
team workload.
The ISSO will work independently to perform IT audits on complex
information systems, applications, and enclaves to ensure that
appropriate controls exist, are correctly implemented, and that
procedures are in compliance with NIST, Federal, DOD standards.
The candidate will conduct cybersecurity control validation
exercises on classified and unclassified networks, applications,
and systems to validate the effectiveness of current security
measures.
He/She will conduct accurate evaluation of the level of security
required.
He/She will perform all procedures necessary to ensure the safety
of information systems assets and to protect systems from
intentional or inadvertent access or destruction.
The individual will provide technical support in the areas of
vulnerability assessment, risk assessment, network security, and
security implementation.
The candidate will provide technical evaluations of customer
systems and assists with making security improvements.
The candidate will also develop a Security Assessment Plan (SAP)
(Per NIST SP 800-53A, TD P 85-01, and TSSEC Policy - or DO P 910 if
applicable) that describes the scope of the system assessment.
The SAP shall include:
Security controls and control enhancements under assessment.
Assessment procedures to be used to determine security control
effectiveness.
Assessment environment, assessment team, and assessment roles and
responsibilities.
The results of the security assessment shall be documented in the
Security Assessment Report (SAR), Security Requirements Compliance
Matrix (SRCM), and the Plan of Actions and Milestones
(POA&M).
Bachelor's Degree in Computer Science, IA or other cyber
discipline.
Five (5) to Ten (10) years relevant experience.
Must possess fundamental understanding of Splunk applications.
Experience with Tenable., Qualys, DB Protect, Websense or a similar
security scanner.
Must have strong understanding of DISA STIG and CIS Benchmark
configurations.
Must be able to weigh business needs against security concerns and
be able to analyze applied mitigations to evaluate whether they
meet security requirements.
Must be a US citizen.
Must be able to obtain and maintain a security clearance.
Specialized Requirements:
Experience with scripting.
Experience with host based and application layer scan
technologies.
Knowledge of Azure, AWS, Oracle OCI or similar cloud-based
systems.
Strong knowledge of security fundamentals and common
vulnerabilities clearance.
Experience with the full stack of information technologies and
associated security models, including server/OS, database,
hardware, network devices, user compute application/SDLC, etc.
Experience working with cyber security and vulnerability
management.
Ability to work in a fast-paced work environment and open to
quickly adjusting to meet Customer needs.
All employment decisions shall be made without regard to age, race,
creed, color, religion, sex, national origin, ancestry, disability
status, veteran status, sexual orientation, gender identity or
expression, genetic information, marital status, citizenship status
or any other basis as protected by federal, state, or local
law.PI187967937
Keywords: RightDirection Technology Solutions, Washington DC , Information System Security Officer - CLEARED, IT / Software / Systems , Washington, DC
Click
here to apply!
|