(100% Remote / DMV Area ) ISSO / Cybersecurity Analyst
Role details
Job location
Tech stack
Job description
The ISSO will execute Risk Management Framework activities for ATO decisions and ensure systems meet compliance requirements while ensuring confidentiality, integrity, and availability of Information Systems through proper security control implementation.
-
This position requires implementing security controls and conducting system assessments to identify vulnerabilities and gaps, as well as developing and maintaining System Security Plans, Configuration Management Plans, and Contingency Plans.
-
ISSO will conduct Security Impact Analyses and test configuration changes pre- and post-deployment, support continuous monitoring of IT systems, and develop and track POA&Ms for identified vulnerabilities.
-
Responsibilities include developing security requirement traceability matrices and managing hardware and software inventory lists, supporting cloud security initiatives, and participating in Change Advisory Board (CAB) reviews.
-
The position involves conducting technical vulnerability assessments, providing audit support documentation, and responding to cybersecurity data calls with timely information to leadership. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating POA&Ms within 0 to 15 days after vulnerability identification, and updating System Security Plans, Configuration Management Plans, and Contingency Plans annually or when changes occur.
-
The ISSO will conduct Security Impact Analysis Reports within 5 business days after change notification, analyze Risk Assessment Reports and FISMA Scorecard Analysis on a daily basis, and produce Weekly Activity Reports and Monthly Program Reports.
-
This position requires following the Information Systems Security Officer (ISSO) Guide when developing, updating, or reviewing required security artifacts and tracking and suggesting technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
PLEASE NOTE: Candidates must be able to obtain and/or maintain a Department of Defense Public Trust Security Clearance as a condition and continuation of employment*
Requirements
Top Secret Clearance (Eligible)
- Security+CE
- 7+ Years of Overall/Combined Experience in Cyber/IT Security/ISSO/ISSE/ISSM or Similar
- Experience executing the RMF lifecycle and ATO activities
- Experience conducting security control assessments, vulnerability assessments, and Security Impact Analyses
- Experience developing security documentation including SSPs, POA&Ms, and Contingency Plans
Benefits & conditions
Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to