Information Systems Security Officer

Location: Quantico, VA

Overview:

IntelliBridge is an award-winning national security company looking for an Information Systems Security Officer (ISSO) to support a federal agency by evaluating, advising, and supporting the documentation, validation, and accreditation processes necessary to ensure new and existing information technology (IT) systems meet the organization’s information assurance (IA) and security requirements. Additionally, ensures appropriate treatment of risk, compliance, and monitoring assurance from internal and external perspectives to meet the needs and support the missions of the agency.

As a direct employee of IntelliBridge, you would receive a benefit package that includes health/dental/vision insurance coverage, 401K with company match, PTO & paid holidays, and annual tuition/training assistance. For more information, please visit our website.

Clearance:

• Active TS Required

Required Responsibilities/Duties:

• Five+ (5+) years of minimum practical experience in a Cybersecurity, Engineering, T&E or A&A related field.
• Proficiency across cybersecurity and IT security matters, including documentation requirements and security control implementation.
• Must be able to adjust to constant business change, including new requirements, evolving goals and strategies, and emerging technologies.
• Extensive knowledge and experience with the NIST Risk Management Framework and federal Government accreditation processes.
• Provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
• Responsible for designing and implementing solutions for protecting the confidentiality, integrity, and availability of sensitive information.
• Oversees and manages information security program implementation or other area of responsibility. Informs government strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and/or other resources.
• Recommends the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals, and reduce overall organizational risk.
• Use of cyber risk (GRC) management tools, such as Xacta.
• Provides technical evaluations of customer systems and assists with making security improvements.
• Participates in design of information system contingency plans and other deliverables which maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization as well as Security Authorization and Assessment (A&A processes).
• Conducts security product evaluations, and recommends products, technologies, and upgrades to improve the customers security posture.
• Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Directs and implements the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction.
• Monitors security of electronic data, applications system usage, networks, and physical environment.
• Provides guidance and direction for the physical and virtual protection of information systems assets to other functional units.
• Supports all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness, and familiarity to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process. The specialist should demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the Defense Information Assurance & Certification Accreditation Process (DIACAP).
• Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements.
• The specialist is expected to evaluate security solutions to ensure they meet security requirements for processing up to classified information and supervise and/or maintain the operational security posture for an information system or program.
• More senior specialists may assist or develop system security policy and ensure compliance of change management and configuration control processes. Plan and coordinate the IT security program and policies supporting the command leadership mission and goals.
• Strong writing skills to develop and maintain System Security Plans (SSP), Contingency Plans, Privacy Impact Assessments, Certification Reports, Accreditation Reports, Plan of Action & Milestones (POA&M), and other A&A documentation.
• Demonstrates oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems.
• Advises ITSU and LD leadership team as Information Systems Security Specialist/Officer
• Primary representative for cybersecurity matters, including Science and Technology Branch (STB) reporting requirements, data calls, Office of the Chief Information Officer (OCIO) requirements, as well as legal and compliance matters relating to IT security.
• Identifies gaps, strategic impacts, financial impacts, and the risk profile in the IT security landscape and provides support and recommendations.
• Understands cybersecurity risk management and Authorization to Operation requirements, including legal aspects such as executive order 14028. Understands multifactor authentication, encryption, zero trust, and other aspects of legal requirement and DOJ/FBI recommendation or requirement.
• Performs a variety of information security/cybersecurity tasks and activities that are broad in nature and are concerned with LD systems and assets.
• Provide leadership in infrastructure migration methodologies and techniques including mass application movements into the cloud including:
  1. Design, implementation, and support of cybersecurity artifacts.
  2. Mentor existing staff on IT and cybersecurity best practices and technology.
  3. Actively participate in IT and security meetings.
  4. Manage the ATO process for LD systems and assets, including control implementation and documentation.
  5. Inform LD cybersecurity strategy.

Required Qualifications:

• Bachelor’s Degree in Cybersecurity, MIS, or equivalent technology discipline and/ or equivalent related development experience in lieu of degree.

• Possess a range of technical certifications, such as: Security+, CISSP, etc. higher-level security-related certifications.

About Us:

IntelliBridge delivers IT strategy, cloud, cybersecurity, application, data and analytics, enterprise IT, intelligence analysis, and mission operation support services to accelerate technical performance and efficiency for Defense, Civilian, and National Security & Federal Law Enforcement clients.