Job Details
** Information System Security Officer**
** Aderas, Inc - Rockville, MD**
Aderas is seeking a highly motivated, flexible, organized, and detail-oriented A&A Cyber Security Team Lead to join our dynamic team in Rockville, MD. If you want to learn, grow, and help then this is the job for you. We support a project/customer that "seeks to better understand, treat, and ultimately prevent infectious, immunologic, and allergic disease seeks fundamental knowledge about the nature and behavior of living systems and the application of that knowledge to enhance health, lengthen life, and reduce illness and disability. What you do matters and has a significant impact on the medical and scientific communities we serve.
**Responsibilities**
* Lead a team of ISSOs and Assessors that develop and maintain Authority to Operate (ATO) security documentation for all organization systems and authorization boundaries.
* Work with POA&M managers and system owners to oversee the work effort toward the closure of POA&Ms resulting from assessment and vulnerabilities.
* Review, Analyze & make recommendations based upon technical and administrative needs to mature the posture of the Cyber Security program.
* Performing oversight and managing the processes for performing A&A efforts that meet and comply with NIST guidelines and meet FISMA regulations.
* Support a client as a Sr. SME for assessment and authorization (A&A), including A&A efforts for various agency systems.
* Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems.
* Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans.
* Ensure all supporting artifacts and results will be documented in the organizations A&A repository.
**Job Requirements**
* BA or BS degree in MIS, CS, or related cyber-security discipline (Masters preferred).
* Previous experience in role of an ISSO/Assessor a huge plus
* 10+ years of experience with certification and accreditation (C&A) or A&A.
* 10+ years of experience as a security control assessor or validator.
* 10+ years of experience with maintaining IT security policies, processes, and guidance.
* Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37.
* Experience with continuous monitoring and plans of action and milestones (POA&M) management.
* Experience with assessing systems deployed in Cloud Environments.
Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information.
**Clearance/Citizenship:** U.S. Citizen/US Permanent Resident and able to obtain and maintain a US Public Trust clearance
Join the Aderas team!
At Aderas, we are looking to recruit and retain only the best and brightest. If you like working with emerging technologies, using your unique personal skills to solve technical, functional, and organizational issues, and can easily adapt to the ever-changing IT market, then Aderas is the place for you! We are a vibrant company delivering implementation services & support for enterprise solutions and custom application development. We strive to form long-term partnerships with our clients to foster an environment based on trust, a proven history of delivery, and camaraderie.
We sincerely try to shape our employees' lives by administering a generous package of employee benefits. Our company culture encourages collaboration, creative thinking, and growth. Headquartered in Reston Town Center, in Reston, VA, the Aderas main office is a short step away from shopping, dining, and a movie theater.
Beyond the tangible and intangible rewards, Aderas provides the following:
* Pay for Life, AD&D, Short term disability, and Long term disability at no cost to the employee.
* Employer contribution toward monthly health insurance premiums.
* 401k plan which employees are eligible for after being with the company for 3 months.
* Safe Harbor plan in which Aderas contributes 3% of employee salary once a year.
* A week of paid training and reimbursement for approved professional courses and tests.
* Monthly allowance for cell phone bills.