Information System Security Officer

at  Guidehouse

Washington, District of Columbia, USA -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate26 Jan, 2025USD 163700 Annual27 Oct, 2024N/AGood communication skillsNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Job Family:
Cyber Consulting
Travel Required:
None
Clearance Required:
Active Top Secret (TS)
What You Will Do:

Guidehouse is seeking an Information System Security Officer (ISSO) who will be responsible for providing systems security support for Top Secret information systems for our federal client to achieve and maintain active ATO statuses for 6 systems and applications. Responsibilities include the following:

  • Reviewing and updating RMF ATO packages, policy and procedure documents, and related artifacts in accordance with applicable standards and regulations.
  • Scoping and tailoring security and privacy control baselines based on system missions and categorizations.
  • Preparing and updating security documentation and working with technical teams to support the creation and maintenance of technical documentation.
  • Performing rigorous evaluations of NIST SP 800-53 security and privacy controls using NIST SP 800-53A standards.
  • Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system technical personnel such as network engineers and system administrators.
  • Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing security and privacy control testing such as policies, plans, SOPs, system screenshots, and system configuration settings.
  • Evaluating the design and operating effectiveness of security and privacy controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement.
  • Testing and documenting the results of security and privacy controls test work in a consistent and high-quality manner.
  • Analyzing, summarizing, and communicating security and privacy control assessment results to a variety of client stakeholders, including senior leadership.
  • Developing and maintaining Plans of Action and Milestones to capture identified security and privacy control shortfalls and facilitate correction.
  • Facilitating third-party security assessment activities, including direct interactions with third party security assessors.

What You Will Need:

  • An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance
  • Bachelor’s degree
  • THREE (3) or more years of work experience related to related to IT Security or Information Security or Information Assurance and/or Cybersecurity

What Would Be Nice To Have:

  • Experience supporting customers in a client-facing environment.
  • Experience implementing NIST SP 800-53 security controls.
  • Experience documenting and communicating security control implementation details.
  • Experience in executing all phases of the NIST SP 800-37 Risk Management Framework (RMF) process to achieve and maintain ATO certification.
  • Experience creating and updating security compliance artifacts and documentation.
  • Working knowledge of relevant federal and intelligence community requirements such as FISMA, EO 14028, CNSS instructions, and Intelligence Community Directives.
  • Understanding of Zero Trust.
  • Understanding of security considerations associated with emerging technology such Artificial Intelligence (AI).
  • Working knowledge of client Governance Risk & Compliance (GRC) tools such as XACTA or Archangel.
  • Demonstrated ability to multi-task and adapt to changing environments.
  • Demonstrated ability to offer front-line support and serve as liaison between client management and associated stakeholders for all authorization and information security related issues.
  • Demonstrated ability to use effective facilitation and presentation skills and techniques.
  • Demonstrated ability to offer solutions and convey business impacts to clients in a clear and concise manner.
  • Demonstrated ability to work collaboratively with others in a team environment.
  • Excellent written and verbal communication skills.
  • Proficiency in Microsoft Excel, Word, and PowerPoint.

The annual salary range for this position is $109,100.00-$163,700.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Position may be eligible for a discretionary variable incentive bonus
  • Parental Leave and Adoption Assistance
  • 401(k) Retirement Plan
  • Basic Life & Supplemental Life
  • Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
  • Short-Term & Long-Term Disability
  • Student Loan PayDown
  • Tuition Reimbursement, Personal Development & Learning Opportunities
  • Skills Development & Certifications
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Emergency Back-Up Childcare Program
  • Mobility Stipend

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee

Responsibilities:

  • Reviewing and updating RMF ATO packages, policy and procedure documents, and related artifacts in accordance with applicable standards and regulations.
  • Scoping and tailoring security and privacy control baselines based on system missions and categorizations.
  • Preparing and updating security documentation and working with technical teams to support the creation and maintenance of technical documentation.
  • Performing rigorous evaluations of NIST SP 800-53 security and privacy controls using NIST SP 800-53A standards.
  • Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including system technical personnel such as network engineers and system administrators.
  • Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing security and privacy control testing such as policies, plans, SOPs, system screenshots, and system configuration settings.
  • Evaluating the design and operating effectiveness of security and privacy controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement.
  • Testing and documenting the results of security and privacy controls test work in a consistent and high-quality manner.
  • Analyzing, summarizing, and communicating security and privacy control assessment results to a variety of client stakeholders, including senior leadership.
  • Developing and maintaining Plans of Action and Milestones to capture identified security and privacy control shortfalls and facilitate correction.
  • Facilitating third-party security assessment activities, including direct interactions with third party security assessors


REQUIREMENT SUMMARY

Min:N/AMax:5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Other

Graduate

Proficient

1

Washington, DC, USA