eGlobalTech

ISSO

Type: Regular Full-Time
US Citizen Required: Yes
US-VA-Arlington
Active Security Clearance Required: none
Status: Current
Clearance Status: Clearable

About the Role

As an ISSO (Senior), you will provide support to the Federal Client's Enterprise OIT systems. ISSOs perform all duties and responsibilities in accordance with DHS 4300A, DHS ISSO Guide, and NIST guidance. The ISSO as a Service task will support both Sensitive But Unclassified (SBU)/For Official Use Only (FOUO).

Responsibilities

Responsibilities as an ISSO include, but are not limited to:

  • Support all Security Authorization Process, Security Control Assessment and Ongoing Authorization activities as directed by the Federal Government for assigned systems.
  • Ensure all FISMA security controls and requirements are met at inception and throughout system development
  • Complete, maintain and/or support the completion and updates of all FISMA required documentation
  • Develop and complete all activities and deliverables contained in the SELC and DHS Sensitive Systems Policy Directive 4300A and DHS AD 102.01.
  • Conduct annual assessments and CP testing as required by DHS and ISD
  • Coordinate and manage all OA activities for the system, including:
    • Trigger Accountability Log (TRAL)
    • System Enrollment Form (SERF)
    • Review of monthly RMB brief and system associated slides
    • System Accounts Review Log
    • System Audit Log Review Log
    • Control Allocation Table (CAT)
  • Ensure that risk analyses are completed to determine cost-effective and essential safeguards
  • Provide input to appropriate IT security personnel for preparation of reports to higher authorities concerning information systems
  • Ensure that weaknesses are identified, documented, addressed and remediated through the process of POA&Ms, Waivers
  • Review, analyze and document scan results and ensure immediate remediation of critical and high vulnerabilities via Emergency CRs
  • Provide code review and approval for any code developed for the system prior to deployment into production
  • Ensure compliance with all legal requirements concerning the use of commercial proprietary software, such as respecting copyrights and obtaining site licenses
  • Provide Security Incident Management and Security Architecture assistance, including but not limited to development and maintenance of technical and administrative processes, methods, procedures and solutions, as required
  • Ensure changes do not detract from the current security configuration or state of the system/environment and ensure all changes maintain or improve overall security
  • Ensure maintenance of system components is implemented via the Change, Configuration, and Release Management (CCRM) processes and procedures
  • Perform tasks to support DHS ICCB CR requirements for all Client's information systems, including review of DHS CR packages, ICCB CR forms, and CR test and backout plans as well as submit DHS ICCB security questionnaires and required security package for applicable CRs
  • Support the development and documentation of contingency plans, disaster recovery (DR) plans, and Continuity of Operations (COOP) plans.
  • Participate in COOP and failover testing for Client's systems and operations

Required Qualifications

  • 15 years' experience OR Master's Degree
  • 3+ years of specialized experience in one of the below positions: Information Systems Security Officer, Information Systems Security Engineer, Information Systems Security Auditor or Information Systems Security Manager is required
  • Certifications: At least one active certification such as Security+, CASP, GSEC, GSLC, CISSP, CEH, CISM, or CISA.
  • U.S. citizenship required
  • Active Secret clearance or able to obtain
  • Perform independent compliance reviews, tracking, and continuous monitoring of newly submitted security authorization packages.
  • Advise and assist with all stages of the NIST Risk Management Framework as applied to system security
  • Develop and refine Systems Security Plans (SSPs)
  • Perform continuous monitoring on systems that are already authorized including analyzing and developing plans in response to vulnerability scanning, source code scanning, audit log reviews, etc.
  • Maintain up to date system documentation in the client’s repository
  • Work closely with developers to identify the appropriate security controls
  • Work with certification agents to address results of their assessments and testing
  • Proactively inform system owners and other stakeholders of any risks to their systems, or major upcoming milestones
  • Keep abreast of security vulnerabilities and new threats for applicability to assigned systems; develop remediation plans as needed
  • Manage corrective action plans for the system and track progress
  • Brief authorization packages to senior agency officials during security authorization activities
  • Problem solving skills and ability to work under pressure
  • Strong communication skills, verbal and written

Desired Qualifications

  • DHS experience
  • Previous experience with XACTA
  • CISSP-ISSEP or ISSMP, Red Hat Certified Security Specialist (RHCSS), Oracle Solaris 10 Security Admin, Amazon Web Services Certification Program Associate, PMP

About Us

Founded in 2004, eGlobalTech (eGT) is a leading management and IT consulting firm in the Washington, D.C. metropolitan area.  Our focus is to provide the public sector with innovative solutions, leveraging cutting-edge tools and methodologies to meet the Government’s most pressing business needs.  To achieve this objective, our core practice areas – strategy, IT solutions development, cyber security, and cloud computing – are integrated to provide clients with comprehensive end-to-end results.  This integration enables our highly motivated teams to thrive in a culture that encourages out-of-the-box thinking, collaboration and an environment where you can excel.  For more information, please visit our website at www.eglobaltech.com

 

Equal Employment Opportunity:

 

eGlobalTech is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability.   EEO is the Law

 
