Information Systems Security Officer (ISSO)

Employer
GovFirst
Location
Washington, DC
Posted
Nov 16, 2022
Closes
Nov 30, 2022
Ref
717733510
Hours
Full Time
*GovFirst* is currently seeking an ISSO to support our client directly in *Washington DC*Our client is a rapidly growing company primarily focused on providing information technology (IT) support services and personnel to a variety of commercial and government customers for long-term contracts.The ISSO will support a Joint Service Provider (JSP) Cyber Security Task Order in Arlington, VA. JSP performs a wide variety of services and functions required to secure the information security posture for DoD services.This is a hybrid position allowing 50% remote work after a brief ramp-up period (the first 2-3 weeks will be 100% onsite during onboarding, then time will be split 50/50 onsite/remote).*Requirements** Conduct cybersecurity related audits, inspections, vulnerability assessments, compliance assessments, Security Readiness Review (SRR), and ensure compliance with Cyber Security Service Provider (CSSP) and Command Cyber Readiness Inspection (CCRI) evaluation criteria.* Execute Site Assistance Visits (SAVs) to ensure regulatory compliance with Command Cyber Operational Readiness Inspection (CCORI), Public Key Infrastructure (PKI), North Atlantic Treaty Organization (NATO), and Balanced Survivability Assessment (BSA).* Track and report completion/closure of inspection findings documented in POA&Ms and other action item in the Inspection Findings Reports* Identify systems and assets that are not sufficiently assessed through automated scanning or routine, periodic assessments and recommend and/or conduct customized, manual assessments of systems as required to ensure proper evaluation for compliance.* Track and maintain Post Inspection Finding Remediation and Plan of Actions and Milestones (POA&M) Status Report for all inspections.* Validate remediation of the findings or submit the artifacts/or POA&Ms to inspecting organization for approval.* Perform technical, operational, and non-technical CCRI evaluation areas including, internal and external network infrastructure, Domain Name System (DNS), internal network vulnerability scan, wireless and mobile security, enclave security, Host Based Security System (HBSS), configuration reviews, traditional/physical security, releasable (REL) networks, database security, cross domain solutions, Voice over Internet Protocol (VoIP), Voice over Secure Internet Protocol (VoSIP), Video Teleconference (VTC), exchange services, different operating systems (specifically UNIX, Windows, Linux), web servers, REL networks and compliance directives.* Experience with STIGs, eMASS, CCRI, or any other cyber related inspections.*Clearance Required: ** TS/SCI*Certification Required: ** DoD 8570 IAT Level II Compliant (ie Security+, CySA etc.)*Education Required: ** Bachelor's degree and 4-8 years' directly relevant experience (additional experience maybe considered in lieu of degree).*NOTE: ** Applicant selected for this position must have a current security clearance.* US Citizenship required.* Chosen applicants will be required to pass pre-employment drug screening, credit, and a criminal background check.We are an Equal Opportunity Employer, Females/Minority/Veterans/Disabled/Sexual Orientation/Gender Identity/Religion/National OriginJob Type: Full-timeSchedule:* 8 hour shiftAbility to commute/relocate:* Washington, DC 20301: Reliably commute or planning to relocate before starting work (Required)Application Question(s):* Do you have an active TS/SCI clearance or higher?* Are you comfortable with working a hybrid model? Initially in the office 2-3 weeks as a starting ramp up and then 50% remote work.License/Certification:* Security+ or CySA, IAT Level II Compliant? (Required)Work Location: Hybrid remote in Washington, DC 20301