Strategic Information Technology Advisor ISSO – I

Location: 700 Army Navy Drive, Arlington, VA

However, can move between Sterling, Arlington, Lorton, & remote

3 days onsite and 2 days remote

Clearance: Secret or Top Secret

Salary: 130k - 135k w2

Rate: 60/hr to $65/hr 1099

Description:
The Information System Security Officer (ISSO) will serve primarily on the Cybersecurity Service Security Team. This role ensures the appropriate operational security posture is maintained for information system or program. The ISSO also serves as the principal advisor to the Authorizing Official and information System Owner on all matters involving the security of the information system.

Duties:

· Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy

· Management of emerging and defined risks associated with the administration and use of assigned information systems

· Coordination with the client’s Cybersecurity Unit to achieve and maintain the information systems’ compliance and authorization to operate (ATO)

· Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package

· Performing annual assessments to ensure compliance with the client’s policies and standards

· Serve as a member of the Configuration Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented

· Ensuring information system security requirement are addressed during all phases of information systems lifecycle

· Establishing audit trails, ensuring their review, and making them available while retaining audit logs in accordance with DOJ and component policies

· Generate and interpret documentation needed to address the items detailed within the CSAM

· Work within a team environment to provide technically sound guidance order to adhere to the cybersecurity industry best practices and the client’s monitoring strategy

· Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required

· Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy

·Support the integration/testing, operations, and maintenance of systems security

·Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions

·Aligns business processes and information technology strategy with the conditions and circumstances of the functional environment and establishes effective performance measures

·Contributes to the definition and implementation of planning processes and/or systems at the enterprise level including both strategic and operational activities

·Provides system operation support, administers hardware and software inventory

Required Qualifications:

·Master’s degree from an accredited college or university or equivalent (documented formal training) in Information Technology, and eight (8) years overall experience with a minimum of five (5) years of documented relevant work experience performing any combination of Information SPAA, cybersecurity, system administration, or engineering.

o Education Substitution

§ Any combination of certificates such as Microsoft’s MCSE, or Cisco’s CISM, CISA, CSSP, CCNA, CCDA, or CCNP, may be considered equivalent to two (2) year of general experience / information technology experience. Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels I, II or III may be considered equivalent to two (2) years of information security experience.

·Secret clearance: must be eligible for a Top-Secret clearance, if requested.

·Minimum of five (5) years of relevant experience as ISSO, security analyst, or security engineer. Familiarity with program security responsibilities to include, but not limited to the NIST RMF, audit log reviews, system monitoring, SPAA processes, FISMA requirements, vulnerability & compliance scanning, continuous monitoring activities, security testing and evaluation, and security policies.

·Highly specialized knowledge and expertise in one of more vertical disciplines such as law enforcement, anti-terrorism, biological science, banking, transportation, or other such disciplines as required to define/establish the functional or business direction of an enterprise, agency, or inter-agency requirement.

Preferred Qualifications:

• A , Network , Security , SSCP, and/or CCNA certifications
• 2 years of experience supporting validated desktop, server, network, systems administration, troubleshooting, implementation security requirements in Microsoft Windows 10, OS imaging, installation, configuring, and support & troubleshooting
• Familiarity with Splunk, Tenable.sc, and/or other system monitoring tools
• General knowledge of networking technologies such as TCP/IP ports, protocols, and services, switching, and routing
• Familiarity with security hardening guides & tools (DISA STIGs/SCAP)
• Willingness to learn new technologies & take on new projects to grow experience
• Ability to remain calm and composed under pressure in a high energy, fast paced environment
• Adaptability to changing business needs
• Comfort working with minimal daily supervision
• Ability to balance multiple priorities
• Working knowledge of Microsoft Office programs

Additional Information:

This position most closely aligns to the following NIST Work Roles.

· Secure Software Assessor, Work Role ID 622, (NIST: SP-DEV-002)

· Security Control Assessor, Work Role ID 612, (NIST: SP-RM-002)

· Systems Security Analyst, Work Role ID 461, (NIST: OM-AN-001)

· Must have a minimum of Secret Clearance

Job Type: Full-time

Pay: $130,000.00 - $135,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Ability to commute/relocate:

• Arlington, VA 22202: Reliably commute or planning to relocate before starting work (Required)

License/Certification:

• * A , Network or Security (Preferred)
• SSCP, or CCNA certifications (Preferred)

Work Location: Hybrid remote in Arlington, VA 22202