Senior ISSO

Overview Axum has an opportunity for a Senior Cybersecurity Vulnerability Analyst to join our team. As a team member, the technical Information Systems Security Officer (ISSO) to lead the Security Control Assessment (SCA) for multiple analytic mission systems.

The ISSO must be proficient in standard SCA activities and will generate and maintain the complete required artifacts while leading the SCA activities according to the Judiciary Information Security Framework (JISF) and Risk Management Framework (RMF).

The ISSO will work with the system owners, developers, engineers, and administrators to ensure applications and systems are developed to meet required security controls, as well as to promote proper security configuration.

• The candidate must have expert knowledge of the NIST Risk Management Framework (RMF), along with other federal civilian agency policy and guidance. All candidates must be authorized to work in the United States. Responsibilities
• The Cybersecurity Control Assessor will be an advocate for IT security and engage with business owners in a way that will promote greater awareness and understandings of security governance, risk management, and compliance.
• Support to the Security Control Assessment (SCA) and all Risk Management Framework (RMF) processes (NIST 800-37, NIST 800-53, etc.) for multiple information systems 
• Work with systems owners, engineers, system administrators, release managers, and project management to follow SCA and ATO processes, and ensure compliance with government policies, procedures, and guidelines.
• Ensure validity and accuracy review of all associated security documentation
• Create and maintain System Security Plan (SSP), Security CONOPS, Security Test Plan (STP) and Security Test Procedures, document and maintain implementation details of NIST 800-53 security controls
• Plans and performs security functional testing, creates, and maintains STPs, supports security assessments
• Utilize CSAM to maintain artifacts and to work through the SCA process for each system release cycle
• Provide guidance on the information systems of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing, and determining the adequacy of required documentation
• Manage the plan of action and milestones (POA&Ms) by working with project managers and engineers to develop schedules and engineering actions that mitigate open findings
• Monitor and audit operational systems for proper use

Requirements:

• Strong analytical and creative problem-solving skills.
• Strong communication skills.
• Strong interpersonal skills to interact with customers, senior level personnel, and team members.
• Strong organization skills to prioritize work and balance complex projects.
• Ability to work independently and as part of a team.
• Ability to accept constructive feedback and implement changes immediately.
• Proficiency in Microsoft Office Suite

Required Qualifications:

• At least eight (8) years of cybersecurity experience, or similar related experience as an assessor, system/ network administrator, security testing experience.
• At least six (6) years of experience in National Institute of Standards (NIST) cyber security standards and best practices.
• At least (4) years conducting IT security assessments in a government, academic or business environment.
• Experience in Information Assurance with system, network, and web application testing knowledge.
• GIAC Certified Incident Handler (GCIH) Certification, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA)

Preferred Qualifications:

• Proficiency with Windows, MacOS, iOS and CentOS Linux operating systems
• Proficiency with CSAM

Benefits and Perks

Axxum Technologies benefits for eligible employees include:

Paid Holiday Leave

Paid Time Off

Medical, Dental & Vision Insurance

Short & Long-Term Disability Insurance

Employer-Paid Term Life Insurance

Eligibility to Participate in Flexible Spending Accounts Plan

Eligibility for Educational Assistance Program

Employee Referral Bonus Program

Transit Benefit Program in DC Metro Area

401K Plan