Information Systems Security Officer at Steampunk
McLean, VA 22102, USA - Full Time


Start Date

Immediate

Expiry Date

19 Nov, 25

Salary

175000.0

Posted On

19 Aug, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

NIST, Communication Skills, Testing, Azure, Security Controls, Assessment Methodologies, Cloud Security, AWS, RMF

Industry

Information Technology/IT

Description

DESIGN. DISRUPT. REPEAT.

Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is looking for an experienced Information Systems Security Officer with an appetite for taking on new challenges.
Contributions:

The ISSO serves as a Cyber Security Specialist and will perform Level II ISSO and/or ISSO support responsibilities to include:

  • Ensuring the confidentiality, integrity, and availability of information systems by applying security principles, processes, and tools.
  • Maintaining compliance with NIST, FISMA, RMF (Risk Management Framework), and organizational security requirements.
  • Supporting the development and maintenance of security documentation including System Security Plans (SSPs), Risk Assessments, and Security Assessment Reports (SARs).
  • Conducting regular security audits, system vulnerability scans, and compliance checks.
  • Supporting security incident response activities and remediation efforts.
  • Managing Plan of Action and Milestones (POA&Ms) to track system vulnerabilities and mitigation strategies.
  • Interfacing with system owners, developers, administrators, and security personnel to address security concerns and ensure system compliance.
  • Providing security guidance throughout system development lifecycle processes.
  • Preparing for and supporting security control assessments and audits.
  • Assisting with the development and delivery of security awareness training.

Qualifications:

JOB REQUIREMENTS

  • Bachelor’s Degree in related IT field
  • Ability to obtain a U.S. government Security Clearance
  • Five years of IA experience, 1 of which must be FISMA-related

Required Skills

  • Hands-on experience with RMF, NIST 800-53, FISMA, and related security frameworks
  • Strong working knowledge of security controls, security architecture, and security assessment methodologies
  • Experience with vulnerability management tools and processes
  • Proficiency in developing and maintaining system security documentation
  • Strong verbal and written communication skills