Information Systems Security Officer (ISSO) (Mid Level)
BCS is looking for cyber security talent to fulfill the the role of ISSO in support of the ISSM. Below are the required skills and experience.
- Provide support for assigned projects as required.
- Be responsible for carrying out assigned duties and responsibilities in a manner consistent with policies set forth by the supervisor
- Clear communicator with demonstrated ability to work in teams
- Experience with network security, system auditing, and security policy development
- Demonstrated strong understanding of business continuity planning, auditing, privacy and risk management, web application testing, certification and accreditation
- Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
- Systems Architecture; how hardware, network, and storage components work together
- Ability to provide systems integration with COTS/GOTS applications
- Strong familiarity with NIST, DISA and DoD Security Standards and Certification and Accreditation (C&A) processes
- Experience with compliance scanning tools (DISA Gold Disk, SRR, Retina); running scans, evaluating results, and determining remediation steps
- Experience writing POA&Ms, including detailed justifications for program-required non-compliant items- Ability to perform risk assessment of software, hardware and multi-functional devices per a structured approach using Federal guidance and best practices as the baseline
- Information gathering, or advise and assistance in vulnerability scanning and analysis according to policy; scheduling, execution and tracking of vulnerability remediation activities; security monitoring, analysis and response; coordinating, tracking, and reporting of security patch/upgrade implementation; development of security policies, processes and procedures; development of information security documents; conducting security audits; workload estimating; development and delivery of presentations; system security architecture and design; security product trade studies; incident response; security test and evaluation; and STIG/Checklist auditing.
- RMF Process - All security controls
- Technical Writing - SSP, COOP, IRP, CM, and other SOPs
- ACAS Scanning, Review, and Reporting
- Generate Risk Assessments
- Generate POA&Ms
- Review Fortify Scans
- Work with Product Teams, and developers
Knowledge of tools:
- Pivot Tables in Excel
- 2-3 years working in the information assurance field
- Previous hands on experience a plus (system administration, network administration, system engineering, applicaiton development)
Certification and Education:
- Active DoD Secret Security Clearance (non-negotiable)
Beacon Cloud Solutions (BCS) is a San Diego based technology company based on the belief that an Internet connection and a web browser is all you need to fully run and operate a business. It is our mission and passion to develop and deliver cloud-based solutions that change the way data is processed and how our customer do business. We are a family oriented company and believe that it is OK to have fun at work. We believe our customers should be able to work from anywhere with an Internet connection and a web browser so that is how we operate. Also, we love our customers because they keep us in business, so when they call us we are happy and do everything we can to solve their issue.
Wed, 12 Jul 2017 09:43:03 PDT