Position: Information Systems Security Officer


Job type: DIRECT HIRE

Location: WASHINGTON, DC

Start Date: DEC 19, 2018

Benefits: HEALTHCARE, 401K

DESCRIPTION:

  • IT Security, information assurance, and compliance supporting classified client systems.

  • Manage the remediation of POA&M items.

  • Develop and maintain system security documentation in accordance with FISMA, NIST, and CNSSI-1253 guidelines.

  • Assess security controls and facilitate timely identification, communication and recommended resolution of security risks.

  • Support customers at the highest levels in the development and implementation of doctrine and policies.

  • Participate in the development or revision of system-specific security safeguards and local operating procedures.

  • Must be proficient in administering Nessus vulnerability scans and able to interpret the scan results to determine risk priority and remediation and mitigation strategies.

  • Provide IT security consulting to system owners on other security documents, for example security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans.

  • Work closely with certifiers and assessors to navigate the client A&A process and produce appropriate accreditation documentation.

  • Facilitate timely identification, communication and recommended resolution of security risks within assigned systems.

EDUCATION & EXPERIENCE

  • 9 - 15 years of experience and BA/BS in computer science, information systems management, mathematics, engineering, or related scientific field.

  • Experience designing and implementing the NIST Risk Management Framework

  • Experience designing, implementing, assessing and monitoring NIST 800-53 security controls

  • Experience advising in the implementation of insider threat and privacy protection

  • Experience with security assessments.

  • Experience in designing, documenting, evaluating and testing general computer controls for IT security, change management, and IT operations.

  • Experience with developing and maintaining Security A&A documentation.

  • Experience with internal controls, risk assessments, and controls design, DISA STIGs, testing, or operational auditing.

  • Strong written and verbal communication, particularly for creating and presenting complete system security packages to audit teams that have achieved ATO status

  • CAP, CISA, or CISSP certification, or equivalent security certification, preferred

  • Security Clearance: TS/SCI 


SONNY GUPTA, PARTNER

(o) 804-527-5295

(c) 804-516-2168
