Information Systems Security Officer ( ISSO) with Security Clearance
Delviom LLC
2024-11-07 16:41:00
Vienna,
Virginia,
United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Job Description:
We are seeking an experienced Information Systems Security Officer (ISSO) to join our team and support the Cyber ISSM in executing security program tasks and day-to-day operations. The ideal candidate will have strong technical expertise and the ability to provide IT security management and hands-on security support across various IT operating and development environments. The ISSO will be responsible for developing and maintaining critical security documentation, writing policies, and building Standard Operating Procedures (SOPs) to ensure system authorization in line with organizational and regulatory standards.
Key Responsibilities:
• Collaborate with the Cyber ISSM to execute security program tasks, ensuring compliance with organizational policies and industry regulations.
• Develop, maintain, and update security policies, Standard Operating Procedures (SOPs), and system security plans (SSPs) to support the authorization of IT systems.
• Perform security assessments and compliance evaluations, ensuring systems adhere to established security policies and procedures.
• Work closely with Information System Security Officers (ISSOs) and other stakeholders to define and prioritize system alerts and notifications.
• Conduct security impact assessments for system/functional Change Requests (CRs) within the System Development Lifecycle (SDLC).
• Perform access control reviews for privileged accounts, developing detailed Account Review Summaries.
• Prepare and review Interconnection Security Agreements and Memoranda of Agreement, ensuring compliance with approval processes.
• Conduct risk assessments and data sensitivity analysis, recommending system enhancements to maintain security posture.
• Prepare White Paper Briefings and strategic recommendations for implementing new technologies to improve security and cost-effectiveness.
• Conduct compliance and vulnerability assessments, prepare executive summaries, and provide remediation recommendations.
• Develop and execute annual security continuous monitoring test plans, testing security controls, and coordinating with stakeholders.
Qualifications:
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Security+, CISSP, CISM, CISA, or equivalent certification preferred.
• Experience in working with ISSOs and technical teams to define system alerts and notifications.
• Strong expertise in conducting security impact assessments within the SDLC framework.
• Experience performing access control reviews and creating detailed Account Review Summaries.
• Proficiency in developing security documentation, policies, and procedures to support system authorizations.
• Experience with security tools such as Nessus, Splunk, DB-Protect, and Web Inspect.
• Familiarity with industry best practices, standards, and regulations (e.g., NIST, ISO, GDPR).
• Excellent communication and interpersonal skills.
• Ability to work independently and collaboratively in a team environment.