ISSO Team Lead
Vacancy expired!
MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). Beyond just excellent pay and benefits, you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you.
A position at MPG promises you:
A diverse organization
A safe workplace with zero tolerance for discrimination or harassment of any kind
A balanced work life. Seriously.
A stable, established, and growing business
A leadership team focused on your professional growth and development
The candidate will provide direct support to ISSOs performing the following tasks:
Develop and maintain System Security Plans (SSP)
Transition to, implement and manage NIST 800-53 Rev. 5 Security Controls
Support the SA&A process
Support Continuous Monitoring activities
Manage POA&Ms and develop remediation strategies
Align systems activities to the NIST Cyber Security Framework (CSF)
Support the incident response process
Identify and support system Interconnection Security requirements
Support audit logging review and remediation activities
Provide OMB FISMA data
Develop and document incident reporting procedures for service desk, admins, and security staff
Ensure System Owners and other government POCs are kept up to date and informed of system statuses and pending security-related deadlines.
The ISSO should be intimately familiar with some aspects of the following:
Federal Government Information Assurance policies and regulations to include:
OMB requirements, FISMA, and NIST 800 series
OMB A-123 circular; OMB A-130 circular
FIPS 140, 199, 200, 201
NIST SP 800-18, -37, -39, -53 Revisions 4 and 5, -53A, -60 Volumes 1 and 2, -64 Revision 2, -137, -144, -147
CNSS 1253 and risk management methodologies
Techniques used for evaluating security controls on Windows, Linux, and Unix operating systems, networking devices, databases, and web servers
Automated vulnerability and risk assessment tools such as Nessus, AppDetective/DbProtect, Hailstorm, McAfee Vulnerability Manager (Foundstone), and NMAP enterprise-level vulnerability scanning servers
Active Secret clearance required
Minimum of 15 years of relevant experience
Minimum Education: Bachelor’s Degree
At least one of the following certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent
Prior experience as an ISSO
Must have a strong understanding of FISMA, the SDLC, RMF, and SA&A processes
FedRAMP and Cloud (Azure, AWS) experience.
Understanding and experience with CSAM is a PLUS
Travel: MUST be willing to travel 10-15% after COVID
Additionally, individuals must demonstrate proficiency in the following areas:
Strong written and oral communication skills
Critical thinking
Strategy development
Balancing security requirements with mission needs
Good judgment and business acumen
Relationship management
Project management (ability to track detailed tasks and ensure timely delivery)
Ability to work quickly, efficiently, and accurately in a dynamic and fluid environment
Location: There is a teleworking option with this role until such time as the client requires the team onsite in Washington, DC.
All your information will be kept confidential according to EEO guidelines
Equal Opportunity Employer Veterans/Disabled