WashingtonRecruiter Since 2001
the smart solution for Washington DC jobs

IT Cybersecurity Compliance Officer

Company: Zermount, Inc.
Location: Washington
Posted on: February 25, 2021

Job Description:

POSITION SUMMARY:

The IT Cybersecurity Compliance Officer supports the performance of tasks associated with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). The Compliance Officer works in a team environment and performs assigned tasks with minimal supervision. The Compliance Officer works closely with the Federal Information System Security Managers (ISSMs) and Information System Security Officers (ISSOs) to consult and provide subject matter expertise on Federal Information Security Modernization Act (FISMA) and agency requirements throughout the various stages of the RMF.

RESPONSIBILITIES:

* Perform IA support services to assist the Chief Information Security Officer (CISO), ISSOs and ISSMs in maintaining an effective cybersecurity program that supports missions and adequately protects the confidentiality, integrity, and availability of information resources.
* Develop metrics and communicate the compliance posture and effectiveness to Management on a scheduled basis.
* Conduct Security Assessment and Authorization (A&A) document reviews, consisting of System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), Configuration Management Plans, Contingency Plans, Security Categorization (FIPS-199) and other documents as required, ensuring that applicable requirements are identified and documented appropriately and providing value-added recommendations as necessary.
* Review the SSP prior to initiating the security control assessments (SCAs) and ensure the plan provides a set of security controls for the information system that meet the stated security requirements.
* Develop and maintain scheduling of SCAs and continuous monitoring (ISCM) activities.
* Prepare the Security Assessment Plan (SAP), which identifies the SCA procedures and schedule.
* Conduct comprehensive SCAs that determine the condition of the management, operational, and technical security controls employed within or inherited by an information system to determine the overall effectiveness of the controls.
* Provide an assessment on the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions and/or controls to address identified vulnerabilities.
* Prepare the final Security Assessment Report (SAR) containing the results and findings from the assessment at the conclusion of each SCA activity.
* Prepare and submit the security authorization package to the Authorizing Official (AO), consisting of, at a minimum, the SSP, SAR, POA&Ms, and Risk Recommendation Letter.
* Gather data, analyze compliance and report results on the condition and progress of the IT Cybersecurity Program, POA&Ms, A&A workflow tools data, FISMA compliance requirements, and ATO packages.
* Support ISCM by assisting with the scheduling of activities, tracking POA&Ms, performing annual document reviews, and conducting annual assessments.
* Provide POA&M management, coordinating with ISSMs and ISSOs to ensure timely mitigation and sufficient artifacts to support closure.
* Conduct POA&M management and quality control activities for the agency and ensure accuracy in the agency's Security A&A tool.
* Facilitate the Federal Information Security Management Act (FISMA) activities for all agency systems.
* Follow up on deficiencies identified in reviews and external audits to ensure appropriate remediation measures have been achieved in a timely manner.
* Track mitigation steps and ensure that risks are managed appropriately and in a timely manner.
* Perform quality reviews on all security-related deliverables for the system ATO packages.
* Review and analyze metrics and security reports on a regular basis (e.g. daily, weekly, monthly, etc.).
* Develop and report weekly on statuses of all activities and systems within the agency's system inventory.
* Support Ongoing Authorization (OA) by assisting the ISSOs and ISSMs with the review of the security controls on the agency's defined timeframes.
* Provide expert working knowledge of all FISMA, NIST and other security guidelines and policies for RMF, A&A, ISCM, and OA support.
* Develop and report on security metrics pertaining to the IT Cybersecurity Program.
* Develop Standard Operating Procedures, processes, policies, briefings, and schedules as required by the CISO, ISSMs or management.

QUALIFICATIONS:

* A minimum of three (3) years of professional hands-on experience with IT, Cybersecurity, or Information Assurance (IA), preferably in Federal Government.
* Candidate must have knowledge of computer and network vulnerabilities and the ability to analyze data and provide value-added risk assessments and mitigation recommendations.
* Candidates must have experience creating or contributing to Security A&A documentation in the following areas: SSPs, SARs, Contingency Plan (CP), CP Test (CPT), and POA&Ms.
* Candidate must have a thorough understanding of FISMA requirements and NIST guidance.
* Candidate must be able to work both independently and in a team environment.
* Proficient in standard software applications (e.g., Microsoft Word, Excel, Access, PowerPoint, Project), Visio, SharePoint, Adobe, etc.
* Must be self-motivated, proactive, detail oriented, and highly organized.
* Excellent communication (written and verbal) skills.
* Experience with technical writing.

EDUCATION:

* Bachelor's degree or higher in Computer Science, Information Technology, Information Security, or similar fields.
* Years of experience and certifications will be considered in the absence of a degree.

CERTIFICATIONS:

* A minimum of at least one (1) of the following Information Security certifications, or equivalent:
  * (ISC)²: CISSP, SSCP, CCSP, CAP, CSSLP, etc.
  * GIAC: GCIH, GWAPT, GPEN, GSLC, etc.
  * ISACA: CISA, CISM, CRISC, CGEIT, etc.
  * EC-Council: C-EH, C-CISO, C-HFI, E-CIH, etc.
  * CompTIA: Security+, CYSA+, PENTEST+, CASP+

CLEARANCE:

* Minimum of an Active Secret Clearance (Top Secret preferred)

WORK LOCATION AND BUSINESS SUPPORT HOURS:

* Location: Washington, DC
* Business Hours: 7:00am - 6:00pm (Core Hours: 9:00am - 3:00pm)

Zermount, Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. We participate in the E-Verify Employment Verification Program.
