Information Systems Security Officer (ISSO)
at ASSYST Inc
Remote, Oregon, USA
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 07 Feb, 2025 | Not Specified | 07 Nov, 2024 | N/A | Privacy Act, Protection, Outlook, HIPAA, FIPS, Risk Assessment, PowerPoint, Contingency Planning, Continuous Monitoring | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
ASSYST’s Information Assurance and Cyber Security Practice is seeking a mid-level Information Systems Security Officer (ISSO) to support our Federal Program. ASSYST is currently managing Cyber initiatives for various customers including Federal, State, and Local governments. Our end-to-end services cover architecture, design, policy, monitoring, detection, remediation, compliance, awareness, and training.
Primary Job Responsibilities:
- Respond to crisis or urgent situations within the system to mitigate immediate and potential threats.
- Use mitigation, preparedness, and response and recovery approaches, as needed, to maximize information security.
- Oversee, evaluate, and support the documentation, validation, and accreditation processes necessary to assure that IT systems meet the organization’s security requirements.
- Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
- Provide security advice and recommendations to leadership and staff based on NIST and FIPS guidelines.
- Analyze system security assessment reports.
- Develop estimates of the security risks associated with deployment of new technologies.
- Use defensive measures and information collected from a variety of sources to identify, analyze, and report events.
Requirements:
- Professional experience supporting information security/assurance programs, policies, processes, and procedures per various security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives; Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996; Privacy Act
- Must have comprehensive knowledge of FISMA and FedRAMP
- In-depth knowledge of the NIST SP 800 series documents
- In-depth knowledge of the 800-53 security control requirements and standard methods for implementing them
- Practical knowledge of IT System contingency planning
- Understanding of risk assessment and risk management concepts
- Good understanding of continuous monitoring and continuous authorization concepts
- Good understanding of protection of PII and PIA concepts
- Expert use of MS Office, especially Word, PowerPoint and Outlook
- Good ability to articulate technical concepts, especially in the review process
REQUIREMENT SUMMARY
Min: N/A, Max: 5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Proficient
1
Remote, USA