- Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance to their scheduled completion dates.
- Create of Waivers or Risk Acceptance Memos to assist in the effective management of system risks.
- Conduct an annual assessment in accordance with guidance in the DHS Information Security Performance Plan.
- Review and update security authorization documents as needed, but at least annually;
- Conduct Contingency Plan tests at least annually and updating the plan;
- Perform system self-assessments as part of the customer's Ongoing Authorization program;
- Monitor and respond to Information Security Vulnerability Management (ISVM)/Patch Management.
- Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
- Maintain knowledge of inventory in accreditation boundary.
- Use DHS and mandated enterprise IA Compliance Tools.
- Devise a plan to certify and accredit their assigned Information system or information systems.
- Respond to emerging requirements or policies as set by legislation, regulation or policy.
- Participate in DevOps Sec (security integrated into Agile processes) requirements for assigned systems.
- Support the review and update security authorization documents as needed, but at least annually;
- Help coordinate with Privacy, Records, and Information Governance Divisions related to compliance documentation and other requirements.
- Provide audit support for assigned systems (Financial, A-123, FISMA, internal, DHS, etc.), throughout the audit (Pre, During, and Post Audit).
- Proactively ensure security requirements are included in development cycle (Waterfall, Agile, SecDevOPs).
- Use DHS and mandated enterprise IA Compliance Tools.
- Ensure CM processes are followed to ensure that any changes do not introduce new security risks.
- Support the management system Information Security Vulnerability Management (ISVM) Compliance.
- Experience leading a team of ISSOs
- Must be U.S. citizen
- Bachelors Degree and 8 years of cybersecurity experience; which must be FISMA-related OR
- No degree and 12 years of cybersecurity experience; 10 of which must be FISMA-related OR
- Masters Degree in an IT field and 6 years of cybersecurity experience; which must be FISMA-related
- Must possess one of the following certifications:
- Certified Information System Security Professional (CISSP)
- CompTIA Advanced Security Practitioner (CASP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Systems Security Certified Practitioner (SSCP)
- GIAC Information Security Professional (GISP)
- GIAC Security Leadership (GSLC)
- Applies extensive knowledge of a variety of the IA fields concepts, practices, and procedures to ensure the secure integration and operation of all systems
- Extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements
- Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework.
- Specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines Knowledge and experience with the vulnerability scanning execution, assessment, and analysis
- Knowledge and experience with the operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
- Knowledge and experience with application security, database security, and network security
- Knowledge and experience with the vulnerability scanning, assessment, and analysis
- Knowledge and experience with the information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
- Ability to assess and weigh current and evolving security threats in an operational environment
- Current experience providing ISSO support to DHS
- Experience supporting systems hosted in Cloud environments.
- Experience supporting systems in Agile and DevOps environments.
-
Facilities Security Officer
3 days ago
Advanced Technology Systems Company McLean, United StatesSummary · Advanced Technology Systems Company (ATSC) in McLean, VA an opportunity for an experienced Facility Security Officer (FSO). In this capacity, you will take on a specialized position for supervising, managing and administering the DoD or other government security progra ...
-
Armed Security Officer
2 weeks ago
Protection Enforcement Agency LLC McLean, United StatesJob Description · Job DescriptionBenefits:Competitive salary · Flexible schedule · Opportunity for advancement · Benefits/PerksCareer Advancement Opportunities · Competitive Compensation · Flexible Schedule · Job Summary · We are seeking a professional Armed Security Officer to j ...
-
Dexian Signature Federal McLean, United StatesInformation System Security Officer (ISSO) · Core hours: 9AM-3PM · Location: McLean, VA with minimal travel to Bethesda, MD. · Clearance: CI Poly · Position Description · • Provide information assurance support to system(s) and program · • Demonstrated experience with coordinat ...
-
Dexian Signature Federal McLean, United StatesInformation System Security Officer (ISSO) · Core hours: 9AM-3PM · Location: McLean, VA with minimal travel to Bethesda, MD. · Clearance: CI Poly · Position Description Provide information assurance support to system(s) and program Demonstrated experience with coordinating and im ...
-
Security Officer
6 days ago
GardaWorld McLean, United StatesJob Description · GardaWorld - · Security Services · Security Officer- Now Hiring Must have at least 1 year of SOC security experience · You've got the right skills. What you need is the right opportunity to unleash your potential. We agree, and we're hiring · At GardaWorld, ...
-
Information Systems Security Officer
3 weeks ago
EY McLean, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the be ...
-
Multi-Discipline Security Officer
2 weeks ago
CIA Mclean, United StatesMulti-Discipline Security Officers collect and analyze information about risks to CIA people, facilities, information, and operations and provide guidance to protect intelligence programs and methods. ...
-
Senior Information System Security Officer
1 week ago
Steampunk McLean, United StatesOverview: · Steampunk wants you to be a Senior · Information System Security Officer (ISSO) on our team · to support a government customer on site in Washington D.C. · The primary responsibilities for the position are to support all activities that ensure the level of security ...
-
Principal Information System Security Officer
4 weeks ago
Leidos McLean, United StatesDescription · We have an IMMEDIATE NEED for a Principal Information Systems Security Officer (ISSO). You will be responsible for researching, generating, and validating security controls that support the customers' Risk Management Framework (RMF) and ICD 503 Security Accreditati ...
-
Junior Security Officer
5 days ago
Cognosante McLean, United States**Security Clearance required:** · Able to obtain Public Trust · **Do you want to make a difference?** · Cognosante employees are passionate about improving peoples lives. With an innovative mindset and an unwavering commitment to those we serve, we partner with healthcare, ci ...
-
Advanced Technology Systems Company McLean, United StatesFacility Security Officer Summary Advanced Technology Systems Company (ATSC) in McLean, VA an opportunity for an experienced Facility Security Officer (FSO). In this capacity, you will take on a specialized position for supervising, managing and administering the DoD or other gov ...
-
Facility Security Officer,
6 days ago
OBXtek McLean, United StatesResponsibilities: · OBXtek is looking for a Facility Security Officer (FSO) to align business objectives with employees and management in the designated support areas of facility and personal security. The Facility Security Officer (AFSO) works for a government contractor with c ...
-
Dexian Signature Federal McLean, United StatesInformation Systems Security Officer · Expert · McLean, VA · • Provide information assurance support to system(s) and program · • Demonstrated experience with coordinating and implementing cyber security policies, standards and processes · • Maintain operational security postu ...
-
Booz Allen Hamilton McLean, United StatesGlobal Defense Business Information Security Officer · Key Role: · Bridge between business and cybersecurity, anticipating sector needs and understanding sector strategy to offer security-based advisory services. Play a pivotal role in raising cybersecurity's profile within Booz ...
-
Fantom Corporation McLean, United States· • Provide information assurance support to system(s) and program · • Demonstrated experience with coordinating and implementing cyber security policies, standards and processes · • Maintain operational security posture for system(s) through customized Risk Management Framework ...
-
FanTom Corp McLean, United StatesProvide information assurance support to system(s) and program · Demonstrated experience with coordinating and implementing cyber security policies, standards and processes · Maintain operational security posture for system(s) through customized Risk Management Framework (RMF) to ...
-
Information Systems Security Officer
2 weeks ago
EY McLean, United StatesInformation Systems Security Officer - ONSITE - Government and Public Sector · EY · EY provides consulting, assurance, tax and transaction services that help solve our client's toughest challenges and build a better working world for all. · View company page · EY focuses on h ...
-
Information Systems Security Officer
1 week ago
Ernst & Young Advisory Services Sdn Bhd McLean, United StatesPress Tab to Move to Skip to Content Link · Location: · McLean · Other locations: · Anywhere in Region · Date: · May 14, 2024 · Requisition ID: · 1505054 · EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these q ...
-
Information Systems Security Officer
5 days ago
Ernst & Young McLean, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...
-
Information Systems Security Officer
3 weeks ago
EY McLean, VA, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...
Principal Information System Security Officer - McLean, United States - Steampunk
Description
Overview:
Steampunk is searching for a Principal Information System Security Officer to support a government customer. The primary responsibilities for the position are to support all activities that ensure the level of security documented with the security authorization is maintained at an acceptable level of risk. The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment. The candidate must be able to communicate effectively and decisively with all levels of the organization and be able to solve practical problems as well as exercise sound judgement with regards to sensitive and confidential information.
Contributions:Required
Preferred Skills
Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.
