Information System Security Officer (ISSO)

VITG

Ellicott City · Hybrid · Full-time · Lead · $110k – $140k/yr · 1mo ago

About the role

About VITG

VITG is looking for an Information System Security Officer (ISSO) to take the lead on implementing security tools and their usage, ensuring tools remain compliant and properly configured, and setting program policy, all while ensuring a successful program Authority to Operate (ATO). Our ideal candidate is passionate about working in a dynamic and highly collaborative environment. The ISSO provides oversight of the security posture for corporate systems that support Federal programs. He/She will be responsible for monitoring, evaluating, and maintaining systems and procedures to safeguard internal information systems, networks, databases, and Web-based assets.

Applicant Requirements

  • US citizen or must be authorized to work in the United States
  • Must have lived in the USA for three years of the last five years
  • Must be able to obtain a US federal government badge and eligible for Public Trust clearance
  • Must be able to pass a VITG background check, including a drug test

Job Responsibilities

  • Provide support for a program, organization, system, or enclave’s information assurance program
  • Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
  • Maintain the operational security posture for a FISMA information system or program to ensure information systems security policies, standards, and procedures are established and followed
  • Implement security tools and their usage, ensuring tools remain compliant and properly configured, all while ensuring a successful program ATO
  • Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
  • Evaluate security solutions to ensure they meet security requirements for processing classified information
  • Perform vulnerability/risk assessment analysis to support certification and accreditation
  • Provide configuration management (CM) for information system security software, hardware, and firmware
  • Manage changes to the system and assess the security impact of those changes, including assistance with documenting and submitting applicable Security Impact Analyses (SIAs)
  • Prepare and review security-related documentation to include, but not limited to, System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
  • Lead annual Contingency Planning and Incident Response (CP/IR) training activities and related documentation
  • Lead all vulnerability management activities and collaborate with the technical team to ensure remediation prior to the FISMA due date
  • Manage documentation related to the annual ATO and Security/Risk Assessments, to include creation, review, and storage of all security-related documents
  • Assist with any security incidents, including after-hours availability and support as needed

Qualifications & Skills

  • Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related discipline
  • Minimum of 6 years of related experience in Information Technology, including 4 years in the Information Security space
  • Demonstrated work experience with computer networking, cryptography, security engineering and architecture, vulnerability assessments, or operating systems required
  • Strong background in the certification and accreditation process for information systems and the ability to write, review, and coordinate system security plans
  • Demonstrated working knowledge of several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products; and current Internet technology
  • Demonstrated working knowledge of vulnerability assessment and penetration testing tools
  • Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system
  • Experience with the Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary
  • Experience with, understanding of, and adherence to guidelines such as FISMA, NIST, HIPAA, and IRS Pub-1075

Preferred Certifications

  • Industry certification such as the CISSP, CEH, GIAC, etc.

Job Type

Full Time Employment

Salary

BOE, between $110K and $140K

Benefits

  • 401(k) with employer contribution
  • Medical/Dental/Vision insurance (option for full coverage for employee)
  • Life, ST/LT insurance
  • Professional development opportunities

Schedule

  • 8 hour shift
  • Minimal after-hours support to assist with security incidents, when applicable

Work Type

  • Hybrid remote in Ellicott City, MD 21043
  • 2 days in office weekly

How to apply

  • Please send an email to jobs@vitg.us with a cover letter and resume.

Skills

FISMA, HIPAA, IRS Pub-1075, NIST
