Job Details
Information System Security Officer
*Hybrid out of Germantown, MD or Washington D.C.
*U.S. Citizenship Required
Job Role:
Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate high level data and cyber security risks. Designs, tests and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design.
Job Responsibilities:
Draft, review, and update Risk Management Framework (RMF) artifacts required for FISMA Compliance, including the System Security Plan, Security Categorization, Risk Assessments, Privacy Impact Assessment, Contingency Plans.
Identify unique system characteristics, interview key organizational personnel, compose requisite documentation (security categorizations, risk assessments, contingency plans, security test & evaluation reports, vulnerability assessment reports, etc.).
Ability to map complex technical requirements, functionality, and capabilities to prescribed security controls, policies, and practices.
Requires strong understanding of standards and requirements outlined by FISMA, NIST, OMB and others.
Maintains the computer and information security incident, damage and threat assessment programs.
Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
Responsible for system audits and ensures all corrective measures are completed.
Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.
Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
Reviews processes and security protocols and makes recommendations for increased cyber security protection.
Minimum Qualifications
Bachelor s Degree in Computer Science or a related field or equivalent experience; Advanced Degree preferred.
5+ years of experience in systems security. 1-3 years of experience developing Cyber Security governance and policy processes and documentation, Knowledge of Federal Cyber Security policy/guidance including OMB, Executive Orders, and NIST 800 Series.
Other Job Specific Skills
Must be able to communicate effectively and clearly present technical approaches and findings.
Exercises considerable latitude in determining technical objectives of assignments.
Excellent attention to detail.
Must be able to balance multiple tasks simultaneously.
Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.
May interface with external entities including law enforcement, and intelligence/government agencies.
Exercises considerable latitude in determining technical objectives of assignment.
#cjpost