Information System Security Officer
Professional Services | College Park, MD | Full Time
About Us: Engineers solving real-world problems
Every day we support missions that matter with work across cloud infrastructure, cyber security and development operations (DevOps).
At Stratus, you will solve real-world problems, work amongst others who share your passions and feed your ambition. Our company was built by and is run by engineers who not only understand the importance of hiring those who are great at what they do, but also understand and grant the autonomy you need to achieve success. We give you the tools you need to "empower" your career.
What you will be doing:
The ISSO will interface with business and technical staff to define and analyze security requirements, and audit these requirements regularly to ensure appropriate security controls are operating correctly and as intended.
- Develops, documents and implements information security procedures to enforce compliance with information security standards and policy.
- Manage the SSP process for all current SSPs and new SSPs.
- Establishes metrics to ensure continuous improvement and ongoing compliance.
- Performs regular audits (system & program level) to monitor, measure, and report on compliance and identify residual risk.
- Conducts vulnerability analysis and threat assessments.
- Evaluates security products and recommends solutions for control enhancement.
- Provides ongoing analysis and assessment in support of incident response activities.
- Evaluates and assesses systems to support compliance verification.
- Participates in disaster recovery and business continuity planning, testing, and operations.
- Tests and evaluates incident response, disaster recovery, and business continuity plans.
- Provides subject matter expertise on information and technology related initiatives.
- Develops programs and conducts education and training in support of security awareness.
- 7+ years acting as an ISSO/ISSE.
- Certified Information Systems Security Professional (CISSP) is required.
- In depth knowledge of NIST 503, DCID 6/3 and the Certification and Accreditation Process.
- Bachelor's Degree in Computer Science, Information Assurance or related discipline.
- Top Secret ( with polygraph) Federal Government clearance is required.
- Technical experience working with systems (Linux, Windows, etc.)
- Excellent communication skills (written and oral)