Information Systems Security Officer (ISSO)
475 L'Enfant Plaza SW Washington, DC 20260 US
Job Description
Type of Engagement: 2-year contract (Not open to 3rd party C2C consultants. Visa sponsorship is not available)
Work Location: Hybrid position located in Washington, DC.
Candidates must reside in the Greater Washington, DC Metro area.
Required Skills & Experience:
- 5 to 7 years of experience
- Bachelor's Degree, preferable in Computer Science, Information Technology, or Cybersecurity
- Risk Management Framework (RMF)
- System Security Plan (SSP)
- Plan of Action and Milestones (POA&M)
- Authorization to Operate (ATO)
- Security Impact Analysis (SIA)
- Information Sensitivity Security Assessment, Information Technology Risk Acceptances,
- Configuration Management Plan, Supply Chain Risk Management Plan, Interconnection Security Agreements, Memorandums of Understanding
- Information Data Exchange Agreements, Vulnerability Reports
- Current and maintained certification in one or more of the following IT Security disciplines: Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or equivalent certification required.
Big Bonus Points if you Have:
- NIST 800-53, NIST 800-37, FIPS 199 and FIPS 200.
Essential Job Responsibilities:
- Participate in planning and management of all phases of the House Risk Management Framework (RMF) Security Assessment and Authorization (A&A) process.
- Complete required A&A activities on assigned IT systems.
- Ensure that the appropriate operational cybersecurity posture is maintained for assigned Chief Administrative Officer (CAO) systems to provide confidentiality, integrity, and availability of information systems.
- Perform continuous monitoring of implemented security controls to ensure that they are implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems. Conduct continuous monitoring activities, to include:
- Maintenance of current ATO
- Conducting periodic system self-assessments
- Review periodic vulnerability scan reports and compliance reports
- Ensure stakeholders are performing system log reviews as defined in the SSP
- Ensure assigned IT system user accounts are periodically reviewed for accuracy and completeness
- Work with technical teams to mitigate security control deficiencies and vulnerabilities for assigned IT systems.
- Assess the cybersecurity impact of changes to assigned IT systems and document findings in a SIA report and brief stakeholders.
- Conduct self-assessments of security controls, identify weaknesses and track remediation activities in POA&M.
- Manage the POA&M process for designated IT systems to provide timely detection, identification and alerting of non-compliance issues. In coordination with SO staff, create POA&Ms or remediation plans for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Provide the required system access, information, and documentation to security assessment and audit teams.
Job Requisition # 39084
A reasonable estimate of the pay range for this role is $55.00 - $60.00 per hour. The disclosed pay range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The compensation decisions are dependent on the facts and circumstances of each case, such as skills and experience levels.
Meet APC
APC is a professional staffing and services organization focused on engaging people and positively impacting lives. As “Professionals serving Professionals”®, we take pride in providing our employees and contractors with the highest level of customer service and support.
APC is committed to creating a diverse work environment and is proud to be an Equal Opportunity Employer. All qualified candidates will receive consideration without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, genetics, or veteran status.
#LI-Hybrid
#LI-RL1
Meet Your Recruiter
Share This Job:
Related Jobs:
About Washington, DC
Are you sure you want to apply for this job?
Please take a moment to verify your personal information and resume are up-to-date before you apply.