Information Systems Security Officer II

at  SiloSmashers

Arlington, VA 22203, USA -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate16 Feb, 2025Not Specified17 Nov, 20244 year(s) or aboveGood communication skillsNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

SUMMARY OF POSITION

SiloSmashers is looking for an Information Systems Security Officer (ISSO) to contribute to an exciting new opportunity. The ISSO will join a team of 8-10 ISSOs ensuring compliance with internal policies, controls, and standards, as well as client and regulatory security requirements. This includes evaluating technological, operational, and process controls to evaluate the design and implementation of security controls. The individual will be responsible for supporting risk, compliance management and reporting to include risk assessments, System Security Plans, Security Assessment Reports, Vulnerability Assessment Reports, POA&M management, ISO 27001 requirements, NIST 800 Series Special Publications, Federal Information Processing Standards (FIPS), FedRAMP Authorizations, and other regulatory compliance requirements. The individual will be responsible for assisting in federal audits that may occur during their employment.

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities:



    • Must have 4+ years’ experience implementing Risk Management Framework in the federal government.



      • Using the NIST Risk Management Framework (RMF) of Information security controls to measure the effectiveness of controls and identify control gaps.



        • Ensure compliance to guidance, standards and regulations such as NIST Special Publications, FIPS, FedRAMP, and other federal regulations and policies.



          • Preparing Security Authorization Packages and including documentation and Security Authorizations memorandums.



            • Identify, assess, and prioritize identified risks.



              • Collect evidence, artifacts, and document findings to support conclusions.



                • Report on compliance with internal policies, controls, and standards Provide recommendations for remediation of identified deficiencies.



                  • Communicate regularly with stakeholders to provide updates on project status and address any issues or concerns.



                    • Track and report on Plans of Action and Milestones (POAMs) (i.e., findings/deficiencies to closure).



                      • Coordinate third-party risk assessments and IT audits.



                        • Manage remediation efforts and report on the status of control deficiencies.



                          • Support security initiatives and global policy adherence and awareness efforts.



                            • Provide security expertise to business units and key stakeholders.



                              • Enforce policy adherence and manage formal policy exception requests.



                                • Provide timely status updates/reporting on assessments and assigned projects.

                                  Required Skills, Knowledge and Experience



                                  • BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.



                                    • CISSP or CGRC (previously Certified Authorization Professional) Certifications highly preferred.



                                      • 4+ years of experience in IT security, including SA&A and/or IT security risk analysis, preferably in support of the Federal Government.



                                        • Knowledge of Federal Government SA&A practices and policies, particularly FISMA, RMF and NIST Special Publications 800 series.



                                          • 3+ years of experience with FedRamp systems (Azure, AWS, GCP)



                                            • Ability to work independently and collaborate with application developers, engineers and others.



                                              • Must be motivated and results oriented.



                                                • Effective written and oral communication skills.



                                                  • Previous Federal Government experience is a plus.



                                                    • Experience with a GRC Tool (CSAM) is highly desirable.


                                                    REQUIREMENT SUMMARY

                                                    Min:4.0Max:9.0 year(s)

                                                    Information Technology/IT

                                                    IT Software - Network Administration / Security

                                                    Other

                                                    Graduate

                                                    Proficient

                                                    1

                                                    Arlington, VA 22203, USA