Information Systems Security Officer-Remote

ZizaTech

Job Description

Information Systems Security Officer (ISSO) - 80% Remote

Bethesda, MD but 80% remote

Opportunity Overview:

This is a 4-year project with the Department of Homeland Security (DHS) in a completely DevOps/DevSecOps arena, with the latest and greatest tools and technologies for folks to broaden their skill set. Stability, growth, and flexibility are the key benefits of this opportunity. The project is the backbone of DHS, providing all cloud and DevOps/DevSecOps type services with the latest and greatest tools … not a routine federal government contract. It is probably the first agency implementing a true DevOps/DevSecOps culture and transforming the way business is done. Someone with a current DHS/USCIS clearance or other existing clearances would be ideal.

Desired Certifications and Key Words: CISSP, CAP, FISMA, C&A

Must Have Key Skills:

· Candidate must have some combination of technical background (network engineering, software development, cloud, etc.) before moving into an ISSO role.

· This role requires an understanding of technology vs. only being responsible for documentation.

· Following skills are needed:

o Xacta tool (must have)

o Experience as the primary ISSO for a large system (must have)

o Account management experience (very much needed)

o Someone who has built the system from the ground up (very much needed)

o Splunk (very much needed)

o AWS cloud (nice to have)

Responsibilities:

The selected candidate shall provide Information System Security Officer (ISSO) and Acting Information Security Officer (AISSO) support to designated federal ISSOs to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A Rev 4 and NIST SP 800-53A Rev4 guidance. This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance; supporting the development and maintenance of documentation for Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation (Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis) is kept up to date, or creating C&A documentation when needed; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.

Qualifications:

  • The candidate MUST HAVE a technical background i.e. previous experience as a Systems Administrator/Engineer, Network Architect/Engineer, Software Architect/Developer vs. someone who has only created security documentation.
  • Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Xacta Information Assurance Manager. Ensure proper access controls are implemented for both system access and physical access to data processing facilities.
  • Create, update and assess compliance of system Authority to Operate (ATO) packages
  • Provide information security expertise to system development teams throughout the System Engineering Lifecycle process.
  • Ensure Plan of Action & Milestone (POA&M) and other compliance and vulnerability issues are remediated in a timely fashion.
  • Any DoD 8570 approved baseline certifications (e.g. CISSP, CEH, CAP, CISM)
  • Experienced with creating Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis
  • Independently manages workload and provides guidance to less experienced staff
  • At least five years of experience with FISMA Compliance and the NIST RMF
  • Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security, activities related to Ongoing Authorization
  • Knowledge of information security best practices, Enterprise Architecture
  • Experience with Xacta IA manager, Nessus Security Center, Splunk, FedRAMP, Data Centers, AWS, and prior DHS experience strongly preferred.

Clearance Required:

· Ideally, someone with current DHS clearance/EOD suitability.

· OR, someone with an active clearance from any other agency.

· Candidate MUST BE a US Citizen with an ability to obtain DHS suitability /Public Trust clearance.

Education: Typically requires a B.S. degree in computer science, systems engineering, or electrical engineering, or industry-equivalent experience, and a minimum of 5 years of related experience in information security.

Location: Bethesda, MD but 80% remote

Benefits at a Glance:

· Medical insurance - 100% company paid for the employee

· Dental Insurance - 100% company paid for the employee

· Vision Insurance - 100% company paid for the employee

· Flexible Spending Account (FSA) - You may elect to participate in the FSA plan

· Health Savings Account (HSA) - If you elect to participate in an HDHP plan, you can enroll in the available HSA Program.

· 401K and Retirement Savings Account

· Annual Bonus and Profit Sharing - Based upon individual performance, client feedback, and business development results

· Vacation - Company paid vacation and federal holidays followed by the client

· Employee Assistance Program (EAP) - A 24-hour EAP program through available sponsors.

· Life and Personal Accident Insurance - Both are part of your benefit package

· Voluntary Disability Insurance - Both short- and long-term disability insurance are optional

· Training - An abundance of training resources can be found on the Employee Service Center.

· For more information on your Benefits, please see the Benefits at A Glance. The benefits will be effective 30 days after your start date.

Contact Info:

Please feel free to reach out with any questions to Chris Urban at or

We are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Company Description

ZizaTech was formed in 2016 by top-tier IT Technologists and Strategists providing services to the Federal Government through both Consulting and Talent Placement (services).

Our Client is a leading provider of cloud managed services, agile software development, DevOps, systems engineering, IT service management and risk analytics. We work collaboratively with our customers to solve their biggest challenges through a commitment to delivering innovation, agility, and maximum value. Our employees are empowered to think outside of the box, provide innovative solutions to our customers, and deliver measurable cost savings.

ZizaTech realizes that talent can have very high placement costs which are cost prohibitive for Small and Medium sized businesses in the IT marketplace. We believe in building strong relationships with both our clients and our talent pool.

Being a consulting outfit with a recruiting arm focused on Small and Medium Size Consulting Businesses is what sets us apart.
