Information System Security Officer

Employer
Eclat Services
Location
Washington, DC
Posted
Apr 20, 2017
Closes
Apr 21, 2017
Industry
Security
Hours
Full Time
No third party solicitation. Only GC or US citizens can apply.

Clearance: Secret or Higher

SUMMARY

The Information Systems Security Officer (ISSO) will provide support extending to all aspects of IT services, including: on-prem and cloud applications; desktop and laptop computers; Wide Area Network/Local Area Network connectivity; and software and hardware acquisition and installation. The ISSO will be responsible for providing risk and vulnerability assessments and reports, and for developing documentation as required by the customer. The ISSO will be expected to develop and maintain Security Authorization packages in accordance with DoED and NIST standards and guidelines.

ESSENTIAL FUNCTIONS

- Oversee large and highly complex projects.
- Create project teams, assign individual responsibilities, create project schedules, and determine and acquire resources needed.
- Ensure familiarization with the entire scope and requirements of the projects and serve as a liaison between team members and functional area management requesting the project.
- Serve as the source of technical expertise with regard to maintaining and improving the DoED's RMF implementation.
- Provide strategic guidance and recommendations for strategic planning and improvements to security activities.
- Develop, update, and maintain standard operating procedures (SOPs) and management directives to support the Information Security Division, the Network Security Operations Center, and the broader DoED community.
- Provide tactical production operations support and SA&A services.
- Develop and adhere to an effective Quality Control Program to ensure services are performed in accordance with government requirements.

QUALIFICATIONS

Required Skill and Experience:

- A minimum of three (3) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field.
- Experience with leading and directing the work of others.
- Demonstrated proficiency with developing, maintaining, and managing Security Assessment and Authorization (SA&A) packages.
- Knowledge of information security/risk management standard concepts, practices, and procedures within program management.
- Experience with developing and managing Plans of Action & Milestones (POA&Ms).
- A holistic understanding and knowledge of the Risk Management Framework (RMF) as defined by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev4, Security and Privacy Controls for Federal Information Systems and Organizations.
- Demonstrated experience with NIST SP 800-53A Rev4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations.
- Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment.
- Possession of excellent documentation skills.
- Possession of excellent oral and written communication skills.
- Experience conducting Security Control Assessments (SCA).
- Preferred experience with FedRAMP documentation and package development/review.

Education:

- Bachelor's degree or higher in Computer Science, Information Technology, Information Security, or similar fields.

Certifications:

- At least one (1) active certification relating to information security, such as:
  o Certified Information Systems Security Professional (CISSP)
  o GIAC security certification (e.g., GCIH, GWAPT, GPEN, GSLC, etc.)
  o CompTIA Security+
  o CEH

Work Location and Core Hours: Washington DC