Information System Security Officer - Secret
Security | Fulton, MD | Full Time
About Us: Innovating to solve real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation.
On joining the AI team, you’ll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It’s vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
- Researching, developing, implementing, testing, and reviewing CWMD’s system’s cyber security to protect information and prevent unauthorized access.
- Informing users about security measures, explain potential threats, install software patches, implement security measures, and monitor networks.
- Gathering information necessary to maintain security and establish functioning external barriers such as firewalls and other security measures.
- Defining, creating, and maintaining the documentation for DHS certification and accreditation of the system and its minor tenant applications in accordance with NIST and DHS requirements.
- Assessing the cyber security impacts on system modifications and technological advances.
- Assessing the privacy impacts on the system. Completing all required DHS privacy documentation.
- Reviewing the system and its tenant applications to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades.
- Developing detailed security standard operating procedures that implement agency security policy.
- Updating Security Plans and control descriptions in IACS for systems on an as needed basis.
- Updating security procedures.
- Evaluating, recommending, and implementing security controls.
- Monitoring the intrusion detection/prevention systems, firewalls, security event manager, and other tools as necessary.
- Developing and maintaining the security and network architecture that implements relevant security laws, regulations, and policies.
- Implementing capability to research and investigate possible security breaches and incidents.
- Documenting exceptions to security profiles and policies, where the exceptions are applied.
- Recommending approval or rejection of proposed tenant software application security design.
- Recommending alternative approaches to system developers to address security issues.
- Ensuring that security best practices are utilized in the design, implementation, and testing of the system and tenant applications.
- Ensuring that audit trails are reviewed periodically, (i.e. weekly or daily). Also, that audit records are archived for future reference, if required.
- Initiating protective or corrective measures if a security problem is discovered. Reporting the system’s security status and security incidents in accordance with DHS instructions and procedures when the system is compromised.
- Evaluating known vulnerabilities to ascertain if additional safeguards are needed. Maintaining a plan for site security improvements and progress towards meeting the accreditation.
- Keeping up to date on the DHS and industry cyber security requirements for cloud environments.
You will excel in this role if you are:
- A great communicator: Able to be a “technology translator” for our customers and users on a daily basis.
- Motivated: Looking to learn new things. We encourage cross training and learning new skills in our lab environment is possible every single day.
- A problem solver: Able to work through technical issues and critically think through new solutions.
- Good communications skills: both written and verbal.
- A team player: We value our team mentality!
What we are expecting from you (i.e. the qualifications you must have):
- Bachelor's and 7 years of technical experience.
- Experience with AWS or Azure.
- Experience with ACAS, HBSS, other security applications.
- Security+ CE or equivalent.
- Current Secret clearance.
What we will provide in return: Excellent compensation and amazing benefits
- Multiple health insurance options from CareFirst BCBS which include a PPO plan with ZERO deductibles and an HSA plan.
- 401k Immediate Vesting. Company matches 100% of the first 3% contributed and 50% of the next 2% contributed.
- Fully paid long-term disability, short-term disability, and life insurance.
- Flexible Spending Account options.
- Generous paid time off that includes one bucket of leave to use how the employee sees fit; no separate holiday, sick, or vacation.
- Flexible work schedules with the ability to bank extra hours for additional time off.
- Semi-Annual bonuses for hours worked "over standard".
- Government shutdown protection where employees don't have to use leave for up to 3 days out of the year for inclement weather or budget issues.
- Employee centric culture and a belief that we should empower those who are good at what they do and then give them the tools the need to achieve success and grow their career.
- A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication and an open door policy.
www.applied-insight.com. EEO/AA including Vets and Disabled.