Information System Security Officer (ISSO)
Job Description Information System Security Officer (ISSO) Type: Full Time WORK LOCATION Laurel, MD GENERAL RESPONSIBILITY The ISSO/Certifier will use Federal Certification and Accreditation (C&A) processes to research, verify and document information security controls in order for the "systems" to be accredited. Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon NIST. Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, ad emerging threat information. Initiate, coordinate and track the patching and remediation of security weaknesses as they are discovered, via a "Plan of Actions and Milestones" (POAM). Report on security status and security incidents. Conduct Security Authorization document reviews. Create and compile Authorization packages to include: Designation Letters, Security Plans, Contingency Plans, SOPs. Conduct meetings with Government leadership and briefing on the State of Security for the systems in their purview. Coordinate with the appropriate operational group to accurately update the System Design Document for each IT system. Assist in maintaining all configurations, architecture, installed software, accounts, data flows, ports, protocols, and other relevant data for each IT System and capture in design documents. Work with auditors to identify Key Controls which must be assessed on a recurring annual basis. Work closely with the vulnerability management team to solve POAMs EDUCATION BA/BS or higher preferred, in Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines. REQUIRED US Citizenship required Prior work experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government. Knowledge of Federal government C&A practices and policies, particularly, FISMA and NIST SP 800-53. Experience with information assurance tools preferred. Ability to work independently and also collaborating closely with application developers, engineers and others. Must be self-motivated and results oriented. Effective written and oral communication skills. Previous experience in or working for the government a plus. Working knowledge of Ongoing Authorization within the NIST Framework Company Description A-Tech Systems, Inc. (A-Tech) is a professional service firm, comprised of skilled professionals with extensive experience in IT support, information assurance, business solutions, and logistics services. Established in 2002, A-Tech is headquartered in Laurel, Maryland. A-Tech has built its reputation by providing quality Information Technology (IT) services and products to Federal, State and Local government agencies as well as commercial clients.