Information System Security Officer

• Perform the duties of a Contractor Program Security Officer (CPSO) in support of Intelligence Community (IC)
• Collaborate, communicate and respond to internal and external stakeholders on a wide range of information security-related matters
• Apply technical depth to a variety of security-related areas to sustain or obtain system accreditation (see required skills)
• Represent function in meetings
• Manage against program milestones/deadlines to meet contract requirements
• Create and update artifacts for Body of Evidence to meet IC and DOD requirements using Xacta, ServiceNow, EMASS or similar
• Serve as the point between Program team and a variety of accreditation entities
• Write standard operating practices against policy
• Perform development of responses to Plans of Action & Milestones (POA&M)
• Maintain, update, and conduct routine vulnerability and compliance scanning across all sponsor networks using NESSUS, Rapid7, or similar
• Identify corrective actions/mitigation strategies to achieve/sustain RMF compliance
• Experience creating, maintaining, and communicating complex information technology documentation, particularly network and security documentation (security compliance, configuration management, patching, centralized authentication, removable media, etc.)

Knack Works is seeking a qualified ISSO to guide the implementation of security requirements, accreditation and monitoring of hardware and software systems. The successful candidate will have demonstrated experience working the Risk Management Framework with Department of Defense (DOD) and Intelligence Community (IC) environments. The candidate will need to maintain the security posture for an information system ensuring policies, standards and procedures are established and followed. The position will perform vulnerability/risk assessment and configuration management to support certification and accreditation assets., * 5+ years of related Security experience with DoD and IC customers

• Bachelor's degree in engineering, IT Security, Network Systems Technology or related field or 6 years of directly related experience in lieu of degree or any equivalent combination of education, experience, training and certifications
• Active TS/SCI with Poly
• Strong experience implementing information system security principles NIST 800-53,
• 800-171, NSM 8
• Ability to review, analyze, and interpret technical procedures against customer/sponsor security requirements
• Solid communication skills, both written and verbal
• Ability to effectively represent function information to customers and effectively relay information to internal stakeholders
• Strong organizing/planning skills
• Experience documenting and testing security controls
• Knowledgeable in the system accreditation process from start to ATO approval
• Must be willing to work on-site in Northern Virginia
• DoD 8570 IAT II Certification (Security+) or higher certification or ability to obtain certification within 4 weeks of starting role
• Cloud experience (AWS preferred)
• Linux experience - at least intermediate
• Window experience

Desired Requirements

• Active TS/SCI with Full Scope Poly
• Proficient in Linux/Windows

• Opportunity to grow
• Hands-on exposure to real-world network projects
• Supportive team environment with mentoring
• Competitive salary and outstanding benefits package
• Training and certification support