Information System Security Officer
- Full-time
Company Description
With over 30 years of experience, we are Veterans helping Veterans. Veteran Technology Leaders is a customer‐focused team of skilled military Veterans and seasoned professionals delivering comprehensive services including: Cyber Security ; Business Analytics; Business Process Engineering Management; ERP Systems Integration/Implementation and Program Management.
Job Description
- Lead a team of ISSOs and Assessors that develop and maintain Authority to Operate (ATO) security documentation for all organization systems and authorization boundaries.
- Work with POA&M managers and system owners to oversee the work effort toward the closure of POA&Ms resulting from assessment and vulnerabilities.
- Review, Analyze & make recommendations based upon technical and administrative needs to mature the posture of the Cyber Security program.
- Performing oversight and managing the processes for performing A&A efforts that meet and comply with NIST guidelines and meet FISMA regulations.
- Support a client as a Sr. SME for assessment and authorization (A&A), including A&A efforts for various agency systems.
- Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems.
- Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans.
- Ensure all supporting artifacts and results will be documented in the organization’s A&A repository.
Qualifications
- BA or BS degree in MIS, CS, or related cyber-security discipline (Masters preferred).
- Previous experience in role of an ISSO/Assessor a huge plus
- 10+ years of experience with certification and accreditation (C&A) or A&A.
- 10+ years of experience as a security control assessor or validator.
- 10+ years of experience with maintaining IT security policies, processes, and guidance.
- Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37.
- Experience with continuous monitoring and plans of action and milestones (POA&M) management.
- Experience with assessing systems deployed in Cloud Environments.
Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information.
Clearance/Citizenship: U.S. Citizen/US Permanent Resident and able to obtain and maintain a US Public Trust clearance
Additional Information
Start Date: Immediate
Engagement Length: Permanent
Location: Rockville, MD
Experience: See Qualifications