Sr. Information Systems Security Officer (ISSO) for DHS/TSA
Job description
This is a high profile, dynamic work environment supporting the front lines of our Homeland Security. The position shall serve as the Information Systems Security Officer (ISSO) for information assurance activities at the IT system level.
The ISSO shall ensure that management, operational, and technical controls for securing either National Security Systems or SBU level Information Systems are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal. The ISSO shall possess effective interpersonal and presentation skills as he/she operates in a client-facing role. The ISSO must possess experience with NIST 800 publications standards. The position requires experience with vulnerability scanning and assessments. The ISSO shall conduct Assessment and Authorization (A&A) activities in accordance with NIST 800-37 standards. All A&A deliverables must meet the metrics in the DHS Information Security Performance Plan. The ISSO shall also respond to Information Security Vulnerability Management (ISVM) notifications and ensure all systems under their purview are in compliance with DHS IT Policies. The ISSO shall manage single or multiple systems depending on the size and complexity.
- Execute Risk Management Framework Assessment and Authorization activities.
- Assist in developing unified guidelines and procedures for conducting authorizations and/or system-level evaluations of federal information systems and networks including the critical infrastructure of DHS.
- Develop and present, both verbally and in writing, highly technical information and presentations to non-technical audiences at all levels of the organization; audiences for this information include, but are not limited to, senior executives at DHS and other agencies.
- Ensure IT systems have all security controls in place and functioning properly in accordance with NIST 800-53A publication.
- Conduct and evaluate/analyze vulnerability results from security tools including but not limited to: Tenable.sc/NESSUS, Splunk, AppDetective, and WebInspect.
- Support onsite external and internal audits for designated systems.
- Report incidents within the time frame prescribed by DHS 4300 policy for incident response.
- Experience as a security control assessor a plus for this position.
Requirements
Do you have a valid CompTIA Advanced Security Practitioner certification?
Do you have experience in Web Application Security Testing?
- At least one year of experience as an ISSO or performing the duties of an ISSO.
- Minimum of three years of experience in Federal IT Security.
- Must possess one of the following security professional certifications: Certified Information Systems Security Professional (CISSP), Certification and Accreditation Professional (CAP), CompTIA Advanced Security Practitioner (CASP), or similar widely recognized advanced IT Security certification.
- Thorough knowledge of, and experience with, the NIST 800 series publications to include: 800-30, 800-37, 800-53, 800-53A, 800-60.
- Previous experience creating all necessary A&A documentation.
- Minimum of three years demonstrated experience with Enterprise Network devices (i.e. routers, switches, firewalls).
- Minimum of three years demonstrated experience with Operating platforms (i.e. UNIX, Solaris, and Microsoft) and others as required.
- Current badge from DHS or a DHS component is preferable.
- Active Secret or Top Secret clearance (this is a firm requirement).
Benefits & conditions
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
- Professional development assistance
- Retirement plan
- Tuition reimbursement
- Vision insurance