*** Only candidates with current TS/SCI clearance will be considered ***
*** We are unable to sponsor a clearance at this time ***
** A POLYGRAPH is required for this position **
_________________________________________________________________________________________
JOB DESCRIPTION:
- Responsible for security architecture and systems engineering supporting projects
- Provide guidance to the team to support system accreditation (IATT and ATO)
ISSO tasks include:
- Prepare system security plan (SSP) and provide recommendations to assist in obtaining ATOs.
- Identify, develop (either directly, or in coordination with applicable experts), review and incorporate common artifacts found in an RMF accreditation package such as: system architecture and boundaries, hardware and software lists, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation.
- Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
- Verify package submissions have met the threshold for approval such as: C&A Package for System Reauthorization, SAR Findings, CTO’s, POA&Ms, and System Security Plans (SSPs).
- Apply continuous monitoring techniques to evaluate the systems security posture.
- Create tasking for developers and system administrators as changes and patching are required.
- Oversee the implementation of software patches to maintain the security posture of the organization.
- Responsible for implementing, and enforcing information systems security policies, standards, and methodologies.
- Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document compliance.
- Review Audit Logs on a weekly basis.
- Perform Data transfers on a weekly basis driving from CACI Hanover Office to Ft. Meade.
- Maintain and report assessment and authorization statuses and issues in accordance with organizational guidance.
- Understand the PRIVAC process. Support personnel with new PRIVAC requests and extensions.
REQUIRED SKILLS:
Experience with:
- The ICD 503/NIST 800-53 certification and accreditation process
- The Risk Management Framework
- Developing and maintaining SSPs
- IAVA review and handling
- Interpreting Security Scan results
- Interfacing with System Administrators and Software Engineers
- Task tracking systems (e.g. Jira, Redmine, ServiceNow)
Understands:
- Public Key Infrastructure-based authentication
- A variety of security policies, especially within the IC
- fundamentals of technical security risk assessment
- Understands how to perform analysis of alternatives
Able to clearly communicate ideas and status updates to management and other stakeholders.
EDUCATION:
- Bachelor's degree in a technical discipline from an accredited college or university
- Seven (7) years of relevant work experience
- Four years of additional experience may be substituted for a bachelors degree.
- At least four (4) years of this experience must be as an ISSO on programs and contracts of similar scope, type, and complexity
REQUIRED CERTIFICATIONS:
IAM Level 1 CWIP certification and one of the following baseline certifications:
- CAP, CND, Cloud+, GSLC, Security+CE, HCISPP, CASP+CE, CISM, CISSP (or Associate), CCISO
** You must have TS/SCI Clearance for this position **
** A POLYGRAPH is required for this position **
BENEFITS:
- Competitive salary
- Company Medical/Dental/Vision plans – Company paid
- Short-term Disability, Long-term disability and Life Insurance – Company paid
- Business/ First Class travel upgrade for 7 hour or longer flights & company card will be provided for expenses
- Vacation / Personal days granted at 25 days per year
- Paid Federal Holidays – 11 days
- $5,000 Annual Professional Development Fund plus 40 paid hours if in class
- 401K with 6% company match; all contributions are immediately vested by Employee
- Employee will be paid a bonus of $10,000 per employee hired based on their referral
- Up to 3 paid Code Red days due to customer closure
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.