Job Description
Job Description
Job Description
BACKGROUND
SiloSmashers is seeking a highly experienced Senior ISSO to join its growing contract supporting a federal government agency.
The candidate will support a cybersecurity contract for a federal customer in the role of a Senior Information System Security Officer (ISSO). The candidate will be responsible for multiple systems and drive all aspects to attain a new Authority to Operate (ATO) designation or maintain current ATO designation. The candidate will possess detailed knowledge and expertise to manage security aspects of information systems, including physical security, personnel security, incident handling, and security awareness and training. In addition, the successful candidate will have the knowledge to leverage efficiencies regarding control inheritance, O365 controls, Amazon Web Services (AWS) and Azure controls.
The Senior ISSO role supports multiple projects and the successful candidate is expected to be highly organized, have the wherewithal to prioritize, over-communicate, plan and tightly coordinate with a variety of stakeholders, while driving day-to-day work to completion.
The ideal candidate will be self-driven, possess the inherent interest to continue learning new technologies to solve problems and have a collaborative and continual improvement mindset in all facets of the role.
ROLE RESPONSIBILITIES:
- Drives full lifecycle activities towards conducting assessment and authorization for assigned systems
- Drives full lifecycle activities towards new or maintained ATO attainment and is familiar with the NIST RMF framework
- Assists in development of the system security policy and ensures compliance with the policy on a routine basis
- Serve as the Alternate ISSO (AISSO) for designated systems
- Experience driving the security posture of assigned systems to attain the highest FISMA score
- Experience assembling integrated project teams (IPT) to include engineering, compliance, privacy, Project Management Office (PMO), information assurance teams to drive efficiencies and identify risks early and often.
- Experience and familiarity with CSAM, Swimlane, Splunk, CrowdStrike and the Tenable suite
- Develops and updates the System Security Plan and ensures compliance with higher level Component objectives.
- Coordinate vulnerability and remediation scans for assigned systems and ensuring systems are online for scans and updates.
- Collaborate closely and regularly with the Operations and Maintenance (O&M) team to proactively create, monitor and update the status of Plan of Actions and Milestones (POA&Ms) to ensure remediations are implemented in alignment with scheduled completion dates.
- Performs courtesy scans on all new assets being included within the system boundaries.
- Ability to assimilate quickly and positively with a close-knit ISSO team and collaborate closely with ISSO peers to leverage solutions, solve problems and support one another
- Manages and controls changes to the system and assesses security impact of those changes.
- Coordinates with external agencies and assists in the preparation of the ISA to ensure all external connections meet protection requirements and are documented in the Security Plan, Risk Assessment, and security operating procedures.
- Collects, organizes, reviews, maintains, and approves all data and information required to ensure Certification and Accreditation (C&A) requirements are met for each test activity.
- Documentation shall include applicable national, service and local security requirements, checklists, security plan, training plan, concept of operations, contingency plans, standard operating procedures, compliance checklist, source code evaluation and all other required information.
SOFT SKILLS:
- Critical thinking, analytical thinking, deep understanding of Cisco routing/ switching, strong ability to ID and correct, and isolate, and troubleshoot network issues.
- Inherent experience with collaborating with cross-functional teams within the organization, and other offices to ensure the integration and compatibility of network solutions with other IT systems and applications.
- Strong "solutions-oriented" and collaborative mindset to drive solutions and execution for the good of the mission and team.
- Excellent written and verbal communication skills; ability to understand and effectively communicate technical concepts in a compelling, persuasive manner to non-technical persons.
- Excellent ability to interact skillfully and diplomatically with numerous counterparts and build rapport, including contract stakeholders, government representatives and vendors
- Proven proficiency facilitating challenging conversations across all levels of the organization
- Must have a high level of EQ to "bring out the best" in team members, both internal and external
- Experience and composure to be the conductor of a very complex and challenging technical "orchestra."
- Solid goal-oriented thinking, while possessing the business acumen to align projects to business outcomes
- Flexibility and ability to swiftly adapt to a customer environment and positively integrate oneself
- Strong analytical, problem-solving, and decision-making capabilities, with a data-driven mindset
- Team player with the ability to work in a fast-paced environment with a continuous process improvement culture Demonstrated outstanding level of professionalism in providing project review support, including ability to exercise good judgment, discretion, tact, and diplomacy
- Sound business ethics, including the protection of proprietary and confidential information
POSITION REQUIREMENTS
- Must be a U.S. Citizen
- Bachelor's Degree
- Active Top Secret Clearance
- At least 15 years performing information assurance audits, C&A and protective or corrective measures, 5 of which must be FISMA-related
- Certified Information Systems Security Professional (CISSP) certification
- AND
- ONE of the following three certifications:
- Certified Authorization Professional (CAP)
- CompTIA Security + SY0-501 or higher certification
- CompTIA Advanced Security Practitioner (CASP) certification.
Pluses:
- Currently supporting a DHS Component
- Previous experience supporting a DHS Component
- Possesses an active DHS EOD
Job Posted by ApplicantPro
Job Tags
Contract work, Local area,