Information Systems Security Officer
Full Time Ft. Meade, MD
Secret clearance
Referral bonus: $1,000
Semper Valens Solutions is seeking a Security Analyst to join our cybersecurity team as an Information Systems Security Officer (ISSO). The ideal candidate will hold a Certified Information Systems Auditor (CISA) or Security Plus certification and possess a hands-on understanding of information security practices, risk management, and compliance. You will lead in the implementation, maintenance, and enforcement of security policies to protect sensitive data and ensure compliance with applicable regulations and standards.
Duties and Responsibilities:
- Responsible for continuous monitoring activities for systems to include monitoring for security threats, performing access reviews, reviewing and developing mitigation for vulnerability assessment reports, and proposing enhancements for systems security.
- Support security operations centers (or similar capabilities) in supporting system reviews and potential incident investigations.
- Maintain knowledge of the security architecture and the business purpose of systems.
- Document and maintain knowledge of all relevant NIST 800-53 controls for each IT system for which the ISSO is responsible.
- Update SSPs semi-annually and document any changes.
- Certify the accuracy of continuous monitoring information for assigned systems.
- Advise on proposed architecture or configuration changes using the established change and configuration management process.
- Certify that software planned to be introduced to the production environment is evaluated, and provide guidance regarding the potential for the software to introduce risk into the environment.
- Support the agency on periodic internal and external audits including support for the execution of identified corrective action plans as needed.
- Evaluate and advise on all access requests for privileged accounts to IT systems.
- Support and produce any artifacts that are required for Ongoing Authorization and the NIST Cyber Security Framework (CSF).
Essential duties and responsibilities include the following: (Other duties may be assigned)
- Perform certification assessments for assigned programs to include review of change requests; review of ports, protocols, and services; whitelist requests; self-assessment results; statements of compliance; scan and STIG reviews; systems security plans; cybersecurity control evidence and artifacts; and on-site review results.
- Attend weekly training sessions and staff meetings to gain an understanding of changes or clarifications to procedures.
- Required to use a variety of tools to include the Government-provided resourcing tool (used to execute an on-site review), eMASS (for control reviews), and Requirement Tracking System (RTS) (to submit actions for review/signature). Other tools that will be used include the PPSM database, Whitelist Tool, DoD Information Technology Portfolio Repository (DITPR), and RMF Knowledge Service.
- Conduct security architecture reviews to ensure that the program's architecture is in compliance with STIG requirements and best practices. This technical analysis will be considered in the risk analysis and documented/included in the certification recommendation.
- Develop customized checklists based on the security architecture, special purpose equipment, type accredited deployment guides, Unified Capabilities Approved Product List deployment guides, and required ancillary equipment.
- Analyze Plans of Action and Milestones (POA&M) and mitigation plans for unresolved findings to determine residual risk. This shall include reviewing and analyzing submitted POA&Ms with detailed technical justification and references for mitigations and determining if the proposed solution is adequate mitigation for approval. This technical analysis shall be documented/included in the statement of residual risk.
- Conduct a Risk Assessment to analyze threats to and vulnerabilities of an information system and the potential impact that the loss of information or capabilities of a system would have on the user communities and the mission of the organization. The resulting analysis is used as a basis for identifying appropriate and cost-effective countermeasures and to determine residual risk.
Qualifications
Education and Years of Experience:
- Bachelor's degree in computer science, information systems, or another related field.
- At least 10 years of experience performing or supporting the responsibilities of an ISSO in a US Government environment.
- At least 10 years of experience in National Institute of Standards (NIST) cybersecurity standards and best practices.
Required and Desired Skills/Certifications:
- One of the following certifications:
  - Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - CompTIA Security+
- Knowledge of US Government security regulations and methodologies: FISMA, FedRAMP, and NIST special publications.
Additional Requirements: Must hold a minimum Secret security clearance.
Minimum Citizenship Status Required: Must be a U.S. Citizen
About Semper Valens Solutions:
Semper Valens Solutions, Inc. (SVS) is a Service-Disabled Veteran Owned Small Business (SDVOSB) providing Cost Effective Software and Systems Engineering, Field Support, Training and Full Life cycle Support Management to the DOD and VA community.
At Semper Valens, our vision is to remain a creative, cutting-edge and cost-effective solutions provider where our shared intellect, industry experience, and technology excellence make a positive difference in our customers' success. Our solutions help bridge the gap between IT and business prioritizations to optimize budgets, risks and operational processes.
We search for outstanding technical professionals, hiring at all levels of the experience spectrum: intermediate, journeyman and senior. Consider us for your career plan.
Semper Valens Solutions is an Equal Opportunity Employer
Semper Valens Solutions proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital/parental status, pregnancy/childbirth, or related conditions, physical or mental disability, genetic information, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with Semper Valens Solutions through its online applicant system, please contact Semper Valens Solutions Human Resources Department at (830) 899-6870.
Semper Valens Solutions is an affirmative action/equal opportunity employer - minorities, females, disabled, and protected veterans are urged to apply. Applicants have rights under Federal Employment Laws.
All Jobs at Semper Valens Solutions: https://sempervalens.com/careers