Senior Information System Security Officer

KeenLogic

Arlington, VA

Paid Time Off , Life Insurance , Retirement
Full-Time

Job Description

Position: ISSO IIIKeenLogic is seeking to hire an Information System Security Officer (ISSO) to join our team at the Drug Enforcement Administration. The ISSO is the component official assigned by the Authorizing Official or other senior management to ensure the appropriate operational security posture is maintained for an information system or program. The ISSO also serves as the principal advisor to the Authorizing Official and Information System Owner on all matters (technical and otherwise) involving the security of the information system.
The Cloud Information Systems Security Officer (ISSO) will work with government and industry customers to provide cyber security expertise for a Cloud Infrastructure (CI) program. The Cloud Information System Security Officer (ISSO) is responsible for the overall handling of information assurance expertise for a large, complex IT infrastructure program. Systems are deployed using a public cloud service provider(s) and/or on-premises cloud service provider to deliver advanced capabilities to the Federal government using IaaS, PaaS, and SaaS service models.

This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance, and monthly reimbursement for travel. This position follows a 3x2 schedule, 3 days a week onsite and 2 days of remote work. Core work hours are 9:00am-2:30pm, with core start times between 6:00-9:00am.Required Qualifications:

Active Secret clearance
Must be eligible for Top-Secret clearance
Master’s degree from an accredited college or university or equivalent (documented formal training) in Information Technology, and 8 years overall experience with a minimum of 5 years of documented relevant work experience performing any combination of Information SPAA, Cybersecurity, System Administration, or Engineering
Education Substitution:
- Any combination of certificates such as Microsoft’s MCSE, or Cisco’s CISM, CISA, CSSP, CCNA, CCDA, or CCNP, may be considered equivalent to 2 years of general experience/information technology experience
- Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels I, II or III may be considered equivalent to 2 years of information security experience
5+ years of relevant experience as ISSO, Security Analyst, Security Engineer, DevSecOps Security, or Cloud Security Engineer/Analyst
Familiarity with program security responsibilities to include, but not limited to the NIST RMF, audit log reviews, system monitoring, SPAA processes, FISMA requirements, vulnerability & compliance scanning, continuous monitoring activities, security testing and evaluation, and security policies
Highly specialized knowledge and expertise in one or more vertical disciplines such as law enforcement, anti-terrorism, biological science, banking, transportation, or other such disciplines as required to define/establish the functional or business direction of an enterprise, agency, or inter-agency requirement

Job Duties:

Create the Body of Evidence (BOE), Security Control Traceability Matrix (SCTM), and other cyber security program artifacts while working toward RMF-compliant security control inheritance
Apply knowledge of commercial and classified government cloud environments to strategize and conduct rigorous cyber security assessments on a developmental CI platform-as-a-service
Support CI assessment and authorization (A&A) events as the senior cyber security expert
Providing subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures
Ensuring secure access and protecting against unauthorized access, modification, or destruction of data
Demonstrating a familiarity with a variety of security concepts, practices, and procedures.
Performing a variety of tasks and working under general supervision
Oversees and manages day-to-day operation of Information Systems
Optimizes system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture
Performs system security analyses on client networks and systems; provides guidance, training, research, and recommendations on client networks and IS; performs security audits, evaluations, and risk assessments of complex operational systems and facilities and provides recommendations for remediating detected vulnerabilities; conduct security and internal control reviews of sensitive systems
Conducts specific technical reviews to support non-standard operational requirements and systems; design, develop, and maintain unique security tools and techniques for conducting security assessments; provide advanced technical computer and communications security assistance; provide expert assistance and recommendations in the field of Information Assurance and Cybersecurity
Conducts security assessments, security authorizations, and evaluations of applications and systems processing sensitive or classified information; develops requirements and specifications for reviewing and approving procurement requests, major systems development activities, telecommunications and teleprocessing hardware and software, and hardware and software encryption techniques on the basis of security concerns; and assesses technology to ensure that security vulnerabilities are identified and remediated
Develops and maintains IT security documentation, including system security plan, risk assessment, Plan of Action, and Milestones (POA&M), contingency plan, incident response plan, IT security policies and procedures, etc.
Assisting in the identification, implementation, and assessment of common controls.
Assisting in developing and updating the SSP, and coordinating with the Information System Owner, any changes to the information system and assessing the security impact of those changes.
Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package
Reporting all incidents
Monitoring system recovery processes and ensuring the proper restoration of information system security features
Performing annual assessments, at a minimum, on an annual basis to ensure compliance with DEA policy and standards
Serving as member of Configuration Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented
Ensuring information system security requirements are addressed during all phases of an information systems lifecycle
Establishing audit trails, ensuring their review, and making them available (when required)
Retaining audit logs in accordance with DOJ and Component policies
Ensuring awareness and precautionary measures are exercised to prevent introduction and/or proliferation of malicious code
Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy
Management of emerging and defined risks associated with the administration and use of assigned information systems
Coordination with the client’s Cybersecurity Unit to achieve and maintain the information systems’ compliance and authorization to operate (ATO)
Generate and interpret documentation needed to address the items detailed within the JCAM
Work within a team environment to provide technically sound guidance in order to adhere to the cybersecurity industry best practices and the client’s monitoring strategy
Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required
Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy
Support the integration/testing, operations, and maintenance of systems security
Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions
Aligns business processes and information technology strategy with the conditions and circumstances of the functional environment and establishes effective performance measures
Coordination with the TC Cybersecurity Services Section to achieve and maintain the information systems’ compliance and authorization to operate (ATO)

Preferred Qualifications:

Ability to understand the technical impact of what a vulnerability means and explaining to a system owner, administrator, ISSM or CISO. This is necessary to portray the technical impact and risk associated with a vulnerability (CVE, patch, etc.) and translate into a POAM and Risk Based decision recommendation for the CO/AO to action on and make an informed decision. In essence not just proficiency in the (6) steps of RMF from a paperwork or process perspective
Understanding of how to use or familiarity with the SCAP tool and STIG viewer.
Understanding RMF Risk Management Framework Guide for information systems and organizations. 800-37
Being able to analyze, implement and assess security controls from and operational, administrative, technical standpoint NIST 800-53 REV 5 Security & Privacy Controls
Understanding the CIA triangle and processing, storing, and transmitting data in an environment
Cloud experience dealing with Cloud Architectures/Platforms and applications

Certs such as:
- Microsoft Certified: Azure Administrator Associate
- AWS Certified SysOps Administrator
- AWS Certified Solutions Architect – Associate
- AWS Certified Developer – Associate
- CompTIA Cloud+
- Certified Cloud Security Professional (CCSP)
- AWS Certified Solutions Architect – Professional
- Certificate of Cloud Security Knowledge (CCSK)
- CCNA Cloud (Cisco)
- CCNP Cloud (Cisco)
- Fed Ramp Experience
- AWS Solutions Architect - (Associate/Professional)
- DevSecOps Engineer - (Associate/Professional)
- AWS Machine Learning - (Specialty)
- AWS Cloud Practitioner - (Foundational)
- AWS Security (Specialty)
- Azure Solutions Architect
- Azure Certified Security or Network Engineer (Associate)
- Azure AI fundamentals
- Azure Data Fundamentals
- Azure Data Scientist or Engineer Associate
- Azure DevSecOps Engineer Expert