Information Systems Security Officer (ISSO)/CE - Principal I

Residency Status: ALL Candidates Must Be A U.S. Citizen

Clearance: Candidates Must have an Active Secret clearance and the ability to obtain a TS/SCI security clearance.

Clearance Notice: *Candidates without the required clearance will NOT be considered for this position.*

Time Type: Full-Time, Daytime Schedule - Hybrid

Relocation Fees: No

Salary: $130k with benefits

Company Overview:

NAOVI is a premier technology services company that provides solutions in the areas of Cyber Security, Information Management and Systems Integration. NAOVI is a business that combines experience, creativity, flexibility, pragmatism, and cost-effective solutions in order to deliver measurable business value to our clients.

Headquartered in Fredericksburg, Virginia, NAOVI employs engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.

Novel Applications of Vital, Inc. (NAOVI) is an AA/EEO Employer Minorities/Women/Veterans/Disabled.

Job Description

NAOVI is seeking a Information Systems Security Officer (ISSO) to support the design, development, and deployment of advanced cybersecurity capabilities.

Primary responsibilities:

• Leading all cyber security activities required to maintain ATO for assigned systems within the customer’s lab environment.
• Providing support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems.
• Assisting the efforts of security staff to design, develop, engineer and implement solutions to security requirements.
• Implementation and development of the customer’s IT security plans.
• Gathering and organizing technical information about the lab’s mission goals and needs, existing security products, and ongoing programs.
• Performing risk analyses which also includes risk assessment.
• Providing support to plan, coordinate, and implement the lab’s System Security Plan.
• Coordinating with the appropriate stakeholders to create, update and maintain security related documentation and reporting as required.
• Supporting a variety of Security related tasking which may include:
• o Develop and maintain Privacy Threshold Analysis and assist with Privacy Impact Assessment.
• o Develop, maintain, and facilitate Contingency Plan and Contingency Plan Test.
• o Develop, maintain, and facilitate Configuration Management Plan and update Security Plan when applicable.
• o Develop, maintain, facilitate system Incident Response Plan.
• o Perform Annual Self-Assessment of system security controls CND policies, procedures, and regulations.

Required Skills:

• U.S. Citizenship.
• Active Secret clearance. Must be able to obtain a TS/SCI clearance.
• Must be able to obtain DHS Suitability.
• 6 years of directly relevant experience in information security management.
• Experience working on multiple complex assignments which are broad in nature, requiring originality and innovation in determining how to accomplish tasks.
• Ability to apply a comprehensive knowledge across key tasks and high impact assignments.
• Knowledge of Computer Network Defense (CND) policies, procedures & regulations.
• Knowledge of defense-in-depth principles and network security architecture.
• Beginning to end Knowledge of Risk Management Framework (RMF) and Assessment and Authorization (A&A) documentation to include SSP, Contingency, Incident & Configuration Mgmt. planning.
• Experience establishing and maintaining good working relationships in all levels of the organization, including customers, internal management.
• Demonstrated understanding of: security practices in a hybrid on-premise/cloud environment; hardware/software security implementation; different communication protocols; encryption techniques/ tools; familiarity with commercial products, and lab infrastructure technology.
• Demonstrated understanding of cyber security tools such as Firewalls, SIEM, PCAP, and cloud native security offerings.
• Understanding of boundary protection and enclaving.
• Understanding of authentication and access management technologies.
• Excellent written and oral communication skills.
• Must be able to work collaboratively with internal and external stakeholders across physical locations.

Desired Skills:

• Experience working collaboratively with stakeholders at various levels across the organization.
• Experience with AWS security related services/resources: Guard Duty, CloudTrail, Security Hub, Amazon Inspector, Secrets manager, IAM, Etc.
• Experience with Xacta and Continuum.
• Experience with Splunk, Tenable, Tanium and End Game.
• Experience with Net App.

Required Education

• Eight (8) or more years of cyber security experience required.
• [A Master’s degree in a related discipline may substitute for two (2) years of experience. A PhD may substitute for four (4) years of experience.].
• Bachelor’s degree in Information Security, Cyber Engineering or a related discipline is required. [Ten (10) years of experience (for a total of eighteen (18) or more years) may be substituted for a degree.].

Desired Certifications:

• DoD 8570.1 IAT Level III

Salary : $130,000