Internal Application: Information Systems Security Officer (ISSO)
Security | CANX1, Columbia, MD | Full Time
About Us: Innovating to solve real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation.
On joining the Applied Insight team, you’ll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It’s vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
- Provide Information System Security Officer (ISSO) support to ensure customer systems obtain and maintain their Authority to Operate (ATO) with a security posture in accordance with NIST SP 800-53A guidance, ICD 503, and CNSSI 1253
- Knowledge of the security authorization processes and procedures as defined in the Risk Management Framework NIST SP 800-37
- Provide IT security assessment and IT security audit functions to ensure FISMA compliance
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, Plan of Action & Milestone (POA&M) and System Requirements Traceability Matrices (SRTMs).
- Ensure all C&A and system security documentation (Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis, Continuity of Operations, Inter-Agency Service Agreement, etc.) is kept up to date or created when needed
- Create, update and assess compliance of system Authority to Operate (ATO) packages
- Provide information security expertise to system development teams throughout the System Engineering Lifecycle process
- Ensure proper access controls are implemented for both system access and physical access to data processing facilities
- Ability to provide viable recommendations for the resolution of computer security incidents and vulnerability compliance
- Independently manage workload and provide guidance to less experienced staff
- Track compliance with agency Vulnerabilities and Security Advisories
- Support program through system audits (FISMA, ISO, -, etc.)
What we are expecting from you (i.e. the qualifications you must have):
- **Active TS/SCI with Polygraph**
- Twelve (12) years System Security Engineering experience (B.S. in Technical Management or Computer Science may be substituted for four (4) years of experience)
- CISSP Certification
- Experienced with creating System Security Plans, Privacy Threshold Analysis, Privacy Impact Assessments, e-Authentication, FIPS-199, Security Categorization Analysis, and Business Impact Analysis
- Demonstrated expertise in Information Security processes, audits, tools, implementation, FISMA, NIST, IT security, and activities related to Ongoing Authorization
- Knowledge of information security best practices, Enterprise Architecture
- Committed to continuous learning and system development because of the constantly developing nature of cyber attacks
- Self-motivated, independent, detail-oriented, responsible team player who exhibits exceptional relationship management skills
What we are desiring from you (i.e. the nice-to-have qualifications):
- ISO 20000 / ISO 27000 experience
- Experience with Nessus Security Center, Splunk, FedRAMP, Data Centers, Tableau, AWS, and Virtualization strongly preferred.
- Experience working with the XACTA IA Manager
What we will provide in return: Excellent compensation and amazing benefits
- Multiple health insurance options from CareFirst BCBS which include a PPO plan with ZERO deductibles and an HSA plan.
- 401k Immediate Vesting. Company matches 100% of the first 3% contributed and 50% of the next 2% contributed.
- Fully paid long-term disability, short-term disability, and life insurance.
- Flexible Spending Account options.
- Generous paid time off that includes one bucket of leave to use how the employee sees fit; no separate holiday, sick, or vacation.
- Flexible work schedules with the ability to bank extra hours for additional time off.
- Semi-Annual bonuses for hours worked "over standard".
- Government shutdown protection where employees don't have to use leave for up to 3 days out of the year for inclement weather or budget issues.
- Employee-centric culture and a belief that we should empower those who are good at what they do and then give them the tools they need to achieve success and grow their career.
- A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication and an open door policy.
www.applied-insight.com. EEO/AA including Vets and Disabled.