Senior Information System Security Officer - Hamilton, United States - FWG Solutions
![Default job background](https://contents.bebee.com/public/img/bg-user-ex-1.jpg)
Description
This program supports our federal customer who plays a key role in providing direct cybersecurity engineering support. This program provides systems and security engineering and integration support to specific Government-sponsored projects, pilots, and prototypes.This includes solution planning and engineering, defining security requirements, target architecture, interoperability and integration, system testing, Verification and Validation, Modeling and Simulation, studies and analysis, post-deployment security validation (PDSV), and project risk management.
As part of this effort, you will serve as an Information Systems Security Officer who will support the Agile Release Trains (ART) in defining security requirements, translating RMF-related governance and policies as well as supporting the reduction of cybersecurity risks to our customer's environments.
As an Information Systems Security Officer (ISSO), your responsibilities will include:
Managing all aspects of an organization's information security system, for classified and unclassified systems, including researching, testing, training, and implementing programs designed to safeguard sensitive information from any possible breaches.
Spearheading Authority to Operate (ATO) and/or Authority to Proceed (ATP) efforts while making independent recommendations to Government Leads during these processes.
Creating written works to include but not limited to Plans of Action and Milestones, System Security Plans, System Specific Policies and Procedures, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
Required Education, Experience, & Skills
Bachelor's degree and 7+ years' work experience or equivalent experience or 10 years related work experience, to include:
Being a self-starter who's able to work in both independent and team environments while building work relationships with SMEs across divisions.
The ability to articulate and provide a true and accurate status update on government IT systems security posture as well as overall system health to the customer in a clear and concise manner.
Experience documenting System Security Plans to include security control implementation statements.
Experience conducting periodic reviews of implementation statements to ensure persistent compliance with applicable government and agency-level policies in addition to ISO and NIST standards.
Supporting the security assessment and authorization (or ATO) process.
Analyzing testing results from scans, audits, penetration tests, or other test efforts to determine risk levels.
Hands-on experience with vulnerability management tools such as Tenable Nessus and Security Center.
Conducting Continuous Monitoring and maintaining the security posture of IT systems within on-prem, cloud, and hybrid environments.
Knowledgeable on one or more cloud computing services and technologies including but not limited to AWS, Microsoft Azure, VMware, etc.
Preferred Education, Experience, & Skills
Cyber program experience within federal customer space is a plus
Familiarization with Scaled Agile Frameworks (SAFe), agile development principles, and DevSecOps methodologies is a plus
Experience with managing vulnerabilities on virtualized IT systems and assets or virtual machines (i.e. VDI and VMware.) is a plus
Experience with SAFe Agile tools like Jira, Jira Align, or ServiceNow.
Certifications such as CISSP, CCSP, AWS, Microsoft Azure, CISA, CAP, and SAFe 6 are highly desired.