Alternative Information System Security Officer (A-ISSO) - U.S. Citizenship Required jobs in United States
cer-icon
Apply on Employer Site
company-logo

ZenPoint Solutions LLC ยท 3 hours ago

Alternative Information System Security Officer (A-ISSO) - U.S. Citizenship Required

positionWashington, DC
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

ZenPoint Solutions LLC is a rapidly expanding Information Technology services company in the federal sector. They are seeking an Alternative Information System Security Officer (A-ISSO) to provide advanced cybersecurity and system integration services, ensuring the security posture of various platforms and overseeing the implementation of controls and procedures to protect information systems.

ConsultingIT ManagementProfessional Services
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
Maintain the operational security posture of information systems
Create and maintain existing information system security documentation, including SSP, Security Controls Traceability Matrix (SCTM), and Risk Management Framework (RMF) Body of Evidence
Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter
Write security control implementation details describing how security features are implemented based upon the requirements set forth by NIST 800-53
Prepare system documentation for assessment in accordance with RMF, FISMA and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; assist in writing remediation plans for findings, create Plan of Action (POA&M) in the GRC tool, and track them to closure
Participate in Authority to Operate Assessment activities in support of Security Control Assessors and Information System Security Managers
Create security policies and maintain existing information system security documentation
Conduct periodic and continuous monitoring of the system to ensure compliance with the authorization package
Participate in the change management process, including reviewing 'Change Requests' and assisting in the assessment of security impact of proposed changes
Conduct daily, weekly, and monthly audit review and management of the audit collection system for assigned systems, boundaries, and components
Continuously review and evaluate best practices for implementing a comprehensive audit program
Implement vulnerability management programs including tracking, remediating and closing of identified vulnerabilities
Support penetration testing efforts
Provide direction and guidance to less experienced cybersecurity personnel
Remain sensitive to security infractions and assist in security investigations and responses as requested
Assist with conducting contingency plan testing and remediate weaknesses identified during testing
Oversee system recovery processes to ensure that security features and functions are fully restored and operating correctly after an outage
Effectively communicate both verbally and in writing with government and industry stakeholders

Qualification

NIST SP 800-53CybersecurityRisk Management FrameworkGRC toolsCloud computingInformation SecurityCommunication skillsProblem-solvingAttention to detailLeadership

Required

Candidate must be a United States Citizen and present proof of Citizenship, if selected
Bachelor's Degree in computer science, information systems, or a related field
5+ years of experience in Information Security (INFOSEC) operations and/or Cybersecurity-related support
Strong background and extensive experience with NIST SP 800-37, SP800-53, FISMA, and FedRAMP knowledge of current authorization practices, particularly within the DoD or DOS
Extensive background with DITSCAP/DIACAP may be substituted in some cases
Experience with security efforts related to modern Windows, Cloud computing (Azure/AWS), Linux, Cisco, SQL or Oracle databases, and virtual computing. This may also include some system administration work with an emphasis on security control implementation
Experience with using GRC tools such as Xacta, Archangel, eMASS
Highly motivated professional capable of managing a demanding workload and competing priorities
Self-starter with the ability to gather input from stakeholders and adapt to changing project requirements
Exceptional attention to detail and an efficient and disciplined work approach
Excellent communication skills with a high level of integrity and leadership
Strong problem-solving, critical thinking, and multitasking abilities

Preferred

CAP, CASP, CISSP, or CISM desired
5+ years of experience with the Risk Management Framework (RMF) within the Intelligence Community (IC), DOS, and/or Federal Systems community

Benefits

Health, dental, and vision insurance
Group and voluntary life insurance
Short-term and long-term disability insurance
401(k)-retirement plan with company matching contributions
Flexible spending accounts
Generous paid leave policy, including federal holidays
Professional development opportunities
Tuition assistance program

Company

ZenPoint Solutions LLC

twittertwitter
company-logo
ZenPoint is a small, 8(a) certified, woman-owned IT Services company.
dateFounded in 2009
location
Mclean, Virginia, USA
people-size51-200 employees
web-link
http://www.zpsolutions.com

Funding

Current Stage
Growth Stage
Company data provided by crunchbase