Apply on Employer Site

Booz Allen Hamilton · 1 day ago

Information System Security Officer

McLean, VA

Full-time

Hybrid

Mid Level

$55K/yr - $126K/yr

Booz Allen Hamilton is seeking an Information System Security Officer (ISSO) responsible for assessing and requesting client authorization for company-managed classified endpoints, servers, networks, and security appliances. The ISSO will ensure compliance with U.S. Government cybersecurity policies and guidance, monitor system administrators, and document compliance criteria required for cybersecurity validation.

ConsultingCyber SecurityIT InfrastructureManagement ConsultingSecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Assessing and requesting client authorization for company-managed classified endpoints, servers, networks, and security appliances

Ensures system, network, and security appliance auditing, virus scanning, and hardware and software configuration management requirements are executed as defined in client-approved system assessment documentation and policy

Monitoring the activities of program system administrators to ensure all relevant security procedures are followed

Documenting clear and concise compliance criteria and test cases required to validate compliance with an evolving baseline of cybersecurity requirements and guidance from the National Institute of Standards and Technology (NIST), the Intelligence Community, and the DoD

Qualification

Security systems conceptsRisk Management Framework (RMF)Incident responseNIST complianceDoD 8570 IAM II CertificationVulnerability scanningCybersecurity solutions designCISSP CertificationWritten communicationVerbal communication

Required

Experience applying security systems concepts, requirements, design development, implementation, and integration to information systems

Knowledge of Risk Management Framework (RMF), performing system assessment and authorization through a Governance, Risk, and Compliance (GRC) tool

Knowledge of risk mitigation and selecting and designing appropriate security controls for implementation

Knowledge of incident response and data loss prevention, detection, and response

Knowledge of the NIST and Federal Information Security Management Act (FISMA) requirements for monitoring and reporting

TS/SCI clearance with a polygraph

HS diploma or GED

DoD 8570 IAM II Certification

Preferred

Experience executing the analysis, design, and implementation of enterprise cybersecurity solutions

Experience maintaining vulnerability scanning tool compliance and patch management, including ensuring IT staff pushes patches to all systems, maintains compliance with directives, manages changes to the system, and assesses the security impact of the changes

Experience engineering and implementing security-based solutions to further automate and improve the comprehensive security posture of systems and their supporting infrastructure

Possession of excellent written and verbal communication skills

DoD 8570 Certification such as CISSP, CISSP-ISSAP, or CISSP-ISSEP Certification