04 Apr
ISSO Team Lead
District of Columbia, Washington

Vacancy expired!

ISSO Team Lead

Job Description

The candidate will provide direct support to ISSOs performing the followingtasks:

  • Developand maintainSystem Security Plans (SSP)
  • Transitionto, implementand manageNIST 800-53 Rev. 5 Security Controls
  • Supportthe SA&A process
  • SupportContinuous Monitoring activities
  • ManagePOA&Ms and developing remediation strategies
  • Alignsystems activities to the NIST Cyber Security Framework (CSF)
  • Supportthe incident response process
  • Identifyand supportsystem Interconnection Security requirements
  • Supportaudit logging review and remediation activities
  • ProvideOMB FISMA data
  • Developand documentincident reporting procedures for service desk, admins, and security staff for incidents
  • EnsureSystem Owners and other government POCs are kept up to date and informed of system statuses and pending security-related deadlines.

The ISSO should be intimately familiar with some aspects of the following:

  • Federal Government Information Assurance policies and regulations to include:
    • OMB requirements, FISMA, and NIST 800 series
    • OMB A-123 circular; OMB A-130 circular
    • FIPS 140, 199, 200, 201
    • NIST SP 800-18, -37 , -39, -53 Revisions 4 and 5, -53A, -60 Volumes 1 and 2, -64 Revision 2, -137, -144, -147
    • CNSS 1253 and risk management methodologies
  • Techniques used for evaluating security controls on Windows, Linux, and Unix operating systems, networking devices, databases, and web servers
  • Automated vulnerability and risk assessment tools such as Nessus, AppDetective/DbProtect, Hailstorm, McAfee Vulnerability Manager (Foundstone), and NMAP enterprise-level vulnerability scanning servers

Qualifications

  • Active Secret clearance required
  • Minimum of 15 years of relevant experience
  • Minimum Education: Bachelor’s Degree
  • At least one of the following certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent
  • Prior experience as an ISSO
  • Must have a strong understanding of FISMA, the SDLC, RMF, and SA&A processes
  • FedRAMP and Cloud (Azure, AWS) experience.
  • Understanding and experience with CSAM is a PLUS
  • Travel: MUST be willing to travel 10-15% after COVID

Additionally, individuals must demonstrate proficiency in the following areas:

  • Strong written and oral communication skills
  • Critical thinking
  • Strategy development
  • Balancing security requirements with mission needs
  • Good judgment and business acumen
  • Relationship management
  • Project management (ability to track detailed tasks and ensure timely delivery)
  • Ability to work quickly, efficiently, and accurately in a dynamic and fluid environment

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled

Vacancy expired!