Information Systems Security Officer

Company: Stage 2 Security
Location: Ashburn
Posted on: April 9, 2021

Job Description:

Stage 2 Security (S2) is currently seeking a Sr. Information Systems Security Officer (ISSO) in the Northern Virginia area.

We are looking for an ISSO who is a cyber security leader and who understands both the administrative and technical challenges of managing cyber security for a single system or multiple systems, on premise and in the cloud, throughout the system's lifecycle. This position requires an engaged ISSO who stays current the latest best practices, threats and cyber-related laws and policies. If you are a cyber security practitioner with excellent communication skills, and leadership mindset, S2 is a great place to build experience and immerse yourself in the industry. As a wholly focused cyber security company, we encourage career-building learning, open dialog, innovative idea sharing. Join a team to play a big part in promoting cyber security for interesting clients.

Responsibilities:

• Performs the steps involved in the successful execution of the Risk Management Framework (RMF) including generation of documentation, controls compliance testing, and continuous monitoring activities for assigned systems.
• Works with IT or other stakeholders to assist in performing an initial system assessment to ensure required security controls are implemented and operating correctly before a system is authorized for production.
• Ensures IT staff and users follow established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with security policies and practices as outlined in the assessment and authorization packages.
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
• Confirms IT staff continuously apply system patches, service packs, and anti-virus updates to all systems, and complies with change management processes to address vulnerabilities in a timely manner.
• Monitors user accounts and roles to ensure they are created, modified, disabled, or removed in accordance with the organization's policies and procedures.
• Clearly communicates and in simple terms what your assigned system(s) require with regards to security related policies, procedures, documentation, and remediation actions.
• Understand the process of creating and coordinating Plans of Action and Milestones (POAMs), waivers and related subject matter, such as compensating controls, impact to the system, likelihood and residual risk.
• Reviews and manages POA&Ms, waivers, and associated actions to ensure target dates are met and waivers are renewed.
• Ensures assigned information system(s) are operating according to security policy and guidance.
• Develops and implements information assurance/security standards and procedures.
• Supports customers at the highest levels in the development and implementation of doctrine and policies.
• Analyzes and defines security requirements for computer systems which may include servers, cloud, network systems, or endpoints.
  
  Qualifications:
  
  
  • US citizenship required
  • Has held CBP Public Trust or can receive an CBP BI investigation
  • Ability and willingness to commute to Ashburn, VA on a regular basis
  • 5+ years of experience in an ISSO role
  • Familiarity with various NIST publications like FIPS 199, SP 800-37, SP 800-53, SP 800-63
  • Understanding of audit requirements for a variety of operating systems, applications, and/or databases
  • Ability to review audit logs and scan results for vulnerabilities and risks
  • Working knowledge of operating systems (e.g. Windows, macOS, Linux, etc.) commonly deployed in enterprise networks.
  • Strong logical/critical thinking abilities for analyzing security events (e.g. Windows event logs, network traffic, IDS events) and looking for malicious intent.
  • Ability to clearly write, evaluate, and discuss security plans and artifacts with various stakeholders such as technical engineers, developers, or executive leadership.
  • College Degree Preferred
    The Benefits:
    
    S2 is a small business where people come first, and we know and care about each and every employee. This drives us to provide the best possible benefits and we believe that the benefits we offer are a notch above the rest.
    
    The Benefits at S2 include:
    
    
    • Medical & dental insurance premiums are 100% paid by S2 for the employee and eligible dependents
      • Up to $100 per month reimbursed for mobile phone expenses
      • Up to $50 per month reimbursed for home Internet access
      • Expenses paid for approved work-related trainings & conferences
      • Eligibility to participate in our 401k program after 90 days of employment
      • Competitive salary, which is paid semi-weekly (twice per month)
      • Participation in S2 Unlimited PTO Program
      • 10 paid government holidays annually
        Stage 2 Security welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
        
        If you are looking to make an impact, Stage 2 Security is the place for you.
        
        Powered by JazzHR
        
        dgpiXMDLY2

Keywords: Stage 2 Security, Germantown , Information Systems Security Officer, IT / Software / Systems , Ashburn, Maryland