Information Systems Security Officer in Merrifield, VA at ConsultNet

Date Posted: 3/26/2019

Job Description

Our client is leading the convergence of information technology through innovation. They define, develop, and implement solutions to solve our federal government customers' hardest problems, while saving them money and modernizing their systems. They are experts in enterprise IT services, cyber security, software and data solutions, health services, intelligence and geospatial technologies, and program management services. Our client understands that employees make the company, and is searching for the best and brightest to exceed their customers' expectations. They are looking for someone with a passion for delivering innovative technology solutions.

Responsibilities:

  • The individual will provide System Assessment and Authorization (SA&A) support services, including conducting independent assessments, assisting in the development of required security documentation, and the preparation, review, and briefing of completed authorization packages for systems within the US Government Client.
  • Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.
  • Reviews and continuously monitors implemented security controls.
  • Assists system owners in developing security authorization packages that are fully compliant with National Institute of Standards and Technology (NIST) guidelines.
  • Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
  • Performs risk analyses to determine and recommend essential safeguards.
  • Conducts annual security controls effectiveness testing. Documents findings and advises and monitors remediation efforts on all systems.
  • The individual must be capable of independently developing SA&A packages and executing the associated tasks required in support of their development through independent assessment/ISSO support services. The individual will conduct annual reviews and make updates to the system documentation as required.
  • Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
  • Work closely with representatives from other business units to request information, provide clarification, and validate findings, evidence, and POA&M statements.
  • Ability to effectively coordinate A&A activities of the US Government Client information systems to meet acquisition milestone requirements.
  • Maintain and meet deliverable schedules. Must be proactive in obtaining information from multiple internal and external teams to complete requirements on schedule.

Education:

  • Bachelor's or master's degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)

Certifications (One or more required):

  • CompTIA Security+ CE, OR;
  • Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC), OR;
  • ISC2 Systems Security Certified Practitioner (SSCP), OR;
  • Cisco Certified Network Associate (CCNA) Security and CISSP

 
Knowledge / Skills required:

  • Strong Communication Skills – verbal and written
  • Ability to influence stakeholders in the execution of security and compliance requirements
  • Knowledge of the security countermeasures and overall RMF and NIST compliance
  • Experience as a Security consultant in Risk and Compliance
  • Experience supporting various groups, including information governance and compliance
  • Good understanding of Information Assurance Practices and Risk Management with hands-on experience
  • Experience of security processes and standards, in particular NIST 800-series, ISO 27001/27002
  • Knowledge of security audit and accreditation processes
  • Experience with planning and executing Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and using required tools such as Governance, Risk and Compliance (GRC)
  • Experience with developing security control assessment reports, plans of action and milestones, and artifacts to support the authorization to operate
  • Experience with briefing clients and team members on technical, policy, and functional issues
  • Ability to mediate contentious situations and develop consensus. Ability to build bridges across organizational boundaries and to communicate with technical and non-technical persons in management across a large, complex organization
  • Understands federal security and regulations impacting security requirements to develop strategies for supporting internal US Government Client operations

Be a part of the ConsultNet difference. As a leading national provider of IT staffing and solutions, ConsultNet delivers exceptional services to startup, midmarket and Fortune 1000 companies across North America. Since 1996, we've partnered with clients to create rewarding opportunities for our consultants, successfully building teams that have surefire results.
In the past two years alone, we have placed more than 1,500 consultants in contract, contract-to-hire, or direct placement opportunities. We understand communication is key to finding the right job that matches your skills and career goals. For us, it's not just the work that we do; it's how we do the work. Our breadth of offerings extends to multiple IT positions in major markets throughout the country; see more at www.consultnet.com.