Position Title: DHS Information Systems Security Officer (ISSO) Senior
Location: Downtown D.C. near the Metro Center.
Clearance: TS/SCI
Job description:
Our great client is on contract to provide division-wide support for Federal Information Security Modernization Act (FISMA) compliance, execution of the Risk Management Framework (RMF) process to achieve and maintain Authority to Operate (ATO) security authorizations, and delivery of cyber security compliance for DHS operational mission systems. We are looking for personnel to support our DHS customer in achieving its mission of providing division-wide cyber security support for operational mission systems and assisting programs as they navigate the ATO process. The result of these efforts will be that the systems meet all the requirements for ATO approval before they are officially submitted to the Office of Chief Information Officer (OCIO).
Job Summary
- Assist in the development, implementation, and maintenance of security policies, procedures, and standards for DHS IT systems and networks.
- Conduct and participate in security assessments and audits, identifying vulnerabilities and recommending corrective actions.
- Monitor security events and incidents, investigating suspicious activity and taking appropriate action to mitigate risks.
- Manage security awareness and training programs for DHS personnel.
- Collaborate with IT teams and system owners to integrate security controls into system development and implementation processes.
- Stay current with evolving security threats, vulnerabilities, and industry best practices.
- Document security policies, procedures, and activities.
Qualifications:
- 12+ years of direct experience serving as an Information Systems Security Officer (ISSO) within the DoD/Federal Government. Experience within the Intelligence Community and Law Enforcement is a strong plus.
- Demonstrated understanding of information security principles and best practices, including network security, system security, encryption, and incident response.
- Proficiency in various security assessment methodologies and tools, including vulnerability scanning, penetration testing, and configuration review.
- Experience with relevant security frameworks and standards, such as NIST Cybersecurity Framework, FISMA, RMF, and DoD IA controls.
- Experience with OpenRMF is a strong plus.
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication skills.
- Ability to work independently and as part of a team.
Education
Bachelor's degree or higher in Cyber Security plus CRISC, GISP, CASP, CISSP, or other advanced security-related certifications. Additional relevant experience may be considered in lieu of a degree.