This job is closed

Steampunk • posted 4 months ago
$120,000 - $145,000/Yr
Full-time • Principal
McLean, VA
Food Services and Drinking Places

About the position

Steampunk is seeking a Principal Information System Security Officer to support a government customer by ensuring that security levels are maintained at an acceptable risk. The role requires strong initiative, organization, and customer service skills, along with the ability to adapt to a fast-paced environment. Effective communication and problem-solving skills are essential, particularly regarding sensitive information.

Responsibilities

  • Proactively create, monitor, and update the status of POA&Ms to ensure weaknesses are resolved according to scheduled completion dates.
  • Create Waivers or Risk Acceptance Memos for effective management of system risks.
  • Conduct annual assessments in accordance with the DHS Information Security Performance Plan.
  • Review and update security authorization documents at least annually.
  • Conduct Contingency Plan tests annually and update the plan as necessary.
  • Perform system self-assessments as part of the customer's Ongoing Authorization program.
  • Monitor and respond to Information Security Vulnerability Management (ISVM)/Patch Management.
  • Provide audit support for assigned systems throughout the audit process (Pre, During, and Post Audit).
  • Maintain knowledge of inventory in the accreditation boundary.
  • Use CBP and DHS mandated enterprise IA Compliance Tools.
  • Devise a plan to certify and accredit assigned Information systems.
  • Respond to emerging requirements or policies set by legislation, regulation, or policy.
  • Participate in DevOps Sec requirements for assigned systems.
  • Support the review and update of security authorization documents as needed.
  • Coordinate with Privacy, Records, and Information Governance Divisions related to compliance documentation and other requirements.
  • Ensure security requirements are included in the development cycle (Waterfall, Agile, SecDevOps).
  • Ensure CM processes are followed to prevent introducing new security risks.
  • Support the management of Information Security Vulnerability Management (ISVM) Compliance.

Requirements

  • Bachelor's Degree and 8 years of cybersecurity experience, which must be FISMA-related, OR No degree and 12 years of cybersecurity experience, 10 of which must be FISMA-related, OR Master's Degree in an IT field and 6 years of cybersecurity experience, which must be FISMA-related.
  • One of the following certifications: CISSP, CASP, CISA, CISM, SSCP, GISP, GSLC.
  • Extensive knowledge of IA field concepts, practices, and procedures for secure integration and operation of systems.
  • Specialized knowledge of financial audit standards, classified system IA requirements, and Privacy Act requirements.
  • Experience with NIST SP 800 publications, particularly those associated with the Risk Management Framework.
  • Knowledge of evaluating system, network, or infrastructure security controls against FISMA, FIPS, and NIST guidelines.
  • Experience with vulnerability scanning execution, assessment, and analysis.
  • Knowledge of operating systems and network security (LAN and WAN).
  • Experience with application security, database security, and network security.
  • Understanding of information security and assurance principles (e.g., Defense-in-depth).
  • Ability to assess and weigh current and evolving security threats.

Nice-to-haves

  • Current experience providing ISSO support at CBP or DHS.
  • Experience supporting systems hosted in Cloud environments.
  • Experience supporting systems in Agile and DevOps environments.

Benefits

  • Competitive salary range of $120,000 to $145,000.
  • Employee ownership and investment in employee growth.
  • Comprehensive benefits package including health insurance, retirement plans, and professional development opportunities.