JOB OVERVIEWThe ISSO plays a critical role in ensuring the confidentiality, integrity, and availability of sensitive information and systems within government agencies. This position involves designing, implementing, and managing robust security solutions to safeguard digital assets and mitigate cyber threats. The ISSO collaborates closely with various teams, including IT professionals, security analysts, and management, to uphold the highest standards of cybersecurity in alignment with government regulations and industry best practices.
Essential Functions:- Provide support for the development of policies, standards, instructions, procedures, strategies, and communications relative to the customer's mission.
- Provide services in accordance with NIST 800-37, NIST 800-53, FISMA of 2014, and organization-level policies, directives, and guidelines.
- Security Infrastructure Design and Implementation:
- Design and deploy comprehensive security measures to protect information systems, networks, and applications.
- Develop and implement security architectures, policies, standards, and procedures that align with federal regulations and guidelines.
- Assessment Support:
- Conduct regular assessments and audits to identify potential vulnerabilities and security gaps in systems and applications.
- Ensure compliance with federal regulations, standards, and guidelines, such as NIST, FISMA, and FedRAMP.
- Collaborate with relevant teams to prioritize and address identified vulnerabilities in a timely manner.
- Incident Response and Reporting:
- Participate in incident response activities to effectively handle and mitigate security incidents and breaches.
- Contribute to the development and testing of incident response plans and playbooks.
- Continuous Monitoring:
- Utilize security tools and technologies to monitor network traffic, detect anomalies, and investigate potential security incidents to ensure continuous secure operations.
- Analyze security logs, reports, and data to identify patterns and trends indicative of unauthorized activities.
- Support internal and external audits related to information security and assist in remediation efforts.
- Plan of Action and Milestones (POA&M) Management:
- Create, manage, and report on POA&Ms for customer information systems.
Qualifications:- US Citizen with an active Top Secret Security Clearance.
- Bachelor's degree in Computer Science, Information Technology, or a related field plus 6 years of relevant experience.
- Relevant industry certifications such as CISSP, CISM, CISA, CompTIA Security+, or GIAC certifications.
- Proven experience in information security engineering, preferably in a Federal Government Agency or regulated environment.
- Strong understanding of cybersecurity frameworks, standards, and regulations (NIST, FISMA, etc.).
- Knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, encryption, and authentication protocols.
- Excellent problem-solving skills and the ability to think critically in high-pressure situations.
- Strong interpersonal skills and the ability to work effectively in cross-functional teams.
- Exceptional communication skills, both written and verbal.
PHYSICAL REQUIREMENTS & ENVIRONMENTAL CONDITIONS - Inside office environment.
- Working on a computer for long periods of time.
- May involve long period of sitting at a desk.
- The work environment is fast-paced and sometimes involves extreme deadline pressures.
OTHER DUTIESThis job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
