Senior Information Systems Security Officer (Secret)
SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Reston, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches, and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success. Come join our team!
The candidate will support a cybersecurity contract for a federal customer in the role of a Senior Information System Security Officer (ISSO). The candidate will be responsible for multiple systems and drive all aspects to attain a new Authority to Operate (ATO) designation or maintain current ATO designation. The candidate will possess detailed knowledge and expertise to manage security aspects of information systems, including physical security, personnel security, incident handling, and security awareness and training. In addition, the successful candidate will have the knowledge to leverage efficiencies regarding control inheritance, O365 controls, Amazon Web Services (AWS) and Azure controls.
The ideal candidate will be self-driven, possess the inherent interest to continue learning new technologies to solve problems and have a collaborative and continual improvement mindset in all facets of the role.
- Drives full lifecycle activities towards conducting assessment and authorization for assigned systems
- Drives full lifecycle activities towards new or maintained ATO attainment and is familiar with the NIST Risk Management Framework (RMF)
- Assists in development of the system security policy and ensures compliance with the policy on a routine basis
- Serves as the Alternate ISSO (AISSO) for designated systems
- Experience driving the security posture of assigned systems to attain the highest FISMA score
- Experience assembling integrated project teams (IPT) to include engineering, compliance, privacy, Project Management Office (PMO), and information assurance teams to drive efficiencies and identify risks early and often.
- Experience and familiarity working with CSAM, Continuum, Swimlane and Archer systems
- Develops and updates the System Security Plan and ensures compliance with higher level Component objectives.
- Coordinates vulnerability and remediation scans for assigned systems and ensures systems are online for scans and updates.
- Collaborates closely and regularly with the Operations and Maintenance (O&M) team to proactively create, monitor and update the status of Plans of Action and Milestones (POA&Ms) to ensure remediations are implemented in alignment with scheduled completion dates.
- Performs courtesy scans on all new assets being included within the system boundaries.
- Ability to assimilate quickly and positively with a close-knit ISSO team and collaborate closely with ISSO peers to leverage solutions, solve problems and support one another
- Manages and controls changes to the system and assesses security impact of those changes.
- Coordinates with external agencies and assists in the preparation of the ISA to ensure all external connections meet protection requirements and are documented in the Security Plan, Risk Assessment, and security operating procedures.
- Collects, organizes, reviews, maintains, and approves all data and information required to ensure Certification and Accreditation (C&A) requirements are met for each test activity.
- Documentation shall include applicable national, service and local security requirements, checklists, security plan, training plan, concept of operations, contingency plans, standard operating procedures, compliance checklist, source code evaluation and all other required information.
- Must be a U.S. Citizen
- Active Secret Clearance
- Certified Information Systems Security Professional (CISSP) certification
- And ONE of the following three certifications:
  - Certified Authorization Professional (CAP)
  - CompTIA Security+ SY0-501 or higher certification
  - CompTIA Advanced Security Practitioner (CASP) certification
- 5+ years performing information assurance audits, C&A and protective or corrective measures.
- ISSO experience supporting DHS preferred
- Active DHS EOD preferred
- Demonstrated outstanding level of professionalism in providing project review support, including ability to exercise good judgment, discretion, tact, and diplomacy supporting the federal workspace
- Strong analytical, problem-solving, and decision-making capabilities
- Strong Agile-minded perspective on iterative, continual delivery and the ability to decompose a large, complex engineering effort into smaller, executable pieces
- Focused, collaborative mindset to include all stakeholders throughout the lifecycle of an assigned system
- Deft ability to facilitate deeper technical sessions while clearly articulating highly technical discussions to non-technical stakeholders
- Team player with the ability to work in a fast-paced environment with a continuous process improvement culture
- Ability to multi-task in a fast-paced environment
- Demonstrated outstanding level of professionalism in providing project review support, including ability to exercise good judgment, discretion, tact, and diplomacy
- Sound business ethics, including the protection of proprietary and confidential information
- Excellent written and verbal communication skills; ability to understand and effectively communicate technical concepts in a compelling, persuasive manner to non-technical persons.
- Excellent ability to interact skillfully and diplomatically, and build rapport, with numerous counterparts, including contract stakeholders and government representatives.
- Capable of working under tight deadlines and on several projects simultaneously.
- Excellent time and resource management skills.
- Proficiency in MS Office applications.
- Ability to work independently and function effectively as a member of a team and adhere to strict deadlines.
- Ability to understand and communicate technical/business solutions to personnel at all levels of the organization.
- Must be able to demonstrate extremely strong interpersonal skills, initiative, and work ethic
- Ability to work odd hours outside of standard schedule as needed, e.g. weekends or after normal work hours.
- COVID-19 continues to significantly impact our employees, families and communities. With employee health and safety as our top priority, and as a federal contractor, SiloSmashers is taking action to address the increased risk and uncertainty COVID variants pose in the workplace and to ensure we meet our commitments to national security. As directed by Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors, effective December 8, 2021, SiloSmashers requires all newly hired employees to be fully vaccinated before their start date (providing proof) or to submit an accommodations request for medical reasons or sincerely held religious beliefs after accepting and signing the extended offer.
What we offer:
SiloSmashers offers its employees opportunities to be their best in careers in management and technology consulting. There is a place at SiloSmashers for experienced professionals, transitioning military personnel, new graduates, cleared professionals, and referrals from current SiloSmashers employees. At SiloSmashers you will do important work, surrounded by professional colleagues, in a company that is dedicated to client satisfaction.
SiloSmashers strives to offer an environment where employees can achieve everything that is important to them. To support this philosophy, we provide not only competitive compensation, retirement benefits, health benefits, and work-life and wellness programs, but also leave programs, and career growth opportunities. For more information, please visit the SiloSmashers website at www.SiloSmashers.com.
SiloSmashers, Inc., is an Equal Opportunity Employer.