Information Systems Security Officer with Security Clearance - Rockville, MD, United States - TRIAEM LLC

    Technology / Internet
    Description
    Providing exceptional solutions for our customers requires proven experience and positive results.
    At TRIAEM, we care and invest in our people to ensure they are prepared to deliver superior services across a wide array of mission challenges.
    We specialize in systems engineering & architecture, scientific & technological analysis, data management, and cyber security solutions.
    With over ten years of experience supporting the US Government and International Partners, we know what it takes to ask the right questions, capture the right information, and deliver timely, accurate solutions.
    Caring and investing in our people means an environment where you can learn and grow while continuously being challenged.
    We offer industry-leading benefits and paid time off that allow you to focus on supporting our customers while maintaining the important work/life balance.
    If you are looking for a company that values you as an individual and welcomes your ideas, contributions, and experience, TRIAEM is the place for you.

    Job Description
    TRIAEM supports our federal customer who plays a key role in providing direct cybersecurity engineering support.
    This program provides systems and security engineering and integration support to specific Government-sponsored projects, pilots and prototypes.
    This includes solution planning and engineering, defining security requirements, target architecture, interoperability and integration, system testing, Verification and Validation, Modeling and Simulation, studies and analysis, post-deployment security validation (PDSV), and project risk management.
    As part of this effort, you will serve as an Information Systems Security Officer who will support the Agile Release Trains (ART) in defining security requirements, translating RMF-related governance and policies as well as supporting the reduction of cybersecurity risks to our customer's environments.
    As an Information Systems Security Officer (ISSO), your responsibilities will include:


    • Managing all aspects of an organization's information security system, for classified and unclassified systems, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
    • Understanding the Risk Management Framework (RMF), and how risk management is executed, what risk means, and how to analyze it.
    • Spearheading Authority to Operate (ATO) and/or Authority to Proceed (ATP) efforts while making independent recommendations to Government Leads during these processes.
    • Conducting risk analysis from vulnerability and compliance scans, pen testing results, or other audit activity.
    • Creating written works to include but not limited to Plan of Action and Milestones, System Security Plans, System Specific Policies and Procedures, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
    • Participating in Agile Planning Events to provide technical input.

    Required Education, Experience, & Skills
    Bachelor's degree and 7+ years work experience or equivalent experience or 10 years related work experience, to include:


    • Being a self-starter who's able to work in both independent and team environments while building work relationships with SMEs across divisions. Additionally, must be comfortable with cyber security and able to brief issues to the customer.


    • The ability to articulate and provide a true and accurate status update on government IT systems security posture as well as overall system health to the customer in a clear and concise manner.
    • Experience executing the NIST Risk Management Framework (RMF) and applying security practices found in NIST publications (i.e. SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2, etc.)


    • Experience documenting System Security Plans to include security control implementation statements.
    • Experience conducting periodic reviews of implementation statements to ensure persistent compliance with applicable government and agency level policies in addition to ISO and NIST standards.
    • Experience validating the implementation of security controls within a cloud environment (AWS or Azure).
    • Supporting the security assessment and authorization (or ATO) process.
    • Analyzing testing results from scans, audits, penetration tests, or other test efforts to determine risk levels.
    • Hands-on experience with vulnerability management tools such as Tenable Nessus and Security Center.
    • Conducting Continuous Monitoring and maintaining the security posture of IT systems within on-prem, cloud, and hybrid environments.
    • Knowledgeable on one or more cloud computing services and technologies including but not limited to: AWS, Microsoft Azure, VMware, etc.
    • Familiarization with the Microsoft Office 365 Suite (i.e. Word, PowerPoint, SharePoint, Excel, etc.)

    Preferred Education, Experience, & Skills


    • Cyber program experience within federal customer space a plus
    • Familiarization with Scaled Agile Frameworks (SAFe), agile development principles, and DevSecOps methodologies is a plus
    • Experience with managing vulnerabilities on virtualized IT systems and assets or virtual machines (i.e. VDI and VMware) is a plus


    • Experience with SAFe Agile tools like Jira, Jira Align, or ServiceNow.
    • Certifications such as CISSP, CCSP, AWS, Microsoft Azure, CISA, CAP, and SAFe 6 are highly desired

    Clearance:

    Secret and ability to acquire a TS

    Location:

    • Hybrid and onsite location is Sterling when required

    TRIAEM LLC is an Equal Opportunity/Affirmative Action employer.
    All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, sexual orientation/gender identity, religious creed, national origin, citizenship, marital status, sex, age, or genetic information.
    Applicants may be subject to a background investigation based on job requirements.
    TRIAEM Prohibits Discrimination and Harassment of Any Kind; we are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment.
    All employment decisions at TRIAEM are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, family or parental status, or any other status protected by the laws or regulations in the locations where we operate.
    TRIAEM will not tolerate discrimination or harassment based on any of these characteristics.