ISSO Team Lead

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). Beyond just excellent pay and benefits, you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you. A position at MPG promises you A diverse organization

A safe workplace with zero tolerance for discrimination or harassment of any kind

A balanced work life. Seriously. 

A stable, established, and growing business

A leadership team focused on your professional growth and development

The candidate will provide direct support to ISSOs performing the followingtasks:Develop and maintain System Security Plans (SSP)

Transition to, implement and manage NIST 800-53 Rev. 5 Security Controls

Support the SA&A process

Support Continuous Monitoring activities

Manage POA&Ms and developing remediation strategies

Align systems activities to the NIST Cyber Security Framework (CSF)

Support the incident response process

Identify and support system Interconnection Security requirements

Support audit logging review and remediation activities

Provide OMB FISMA data

Develop and document incident reporting procedures for service desk, admins, and security staff for incidents

Ensure System Owners and other government POCs are kept up to date and informed of system statuses and pending security-related deadlines.

The ISSO should be intimately familiar with some aspects of the following:Federal Government Information Assurance policies and regulations to include:

OMB requirements, FISMA, and NIST 800 series

OMB A-123 circular; OMB A-130 circular

FIPS 140, 199, 200, 201

NIST SP 800-18, -37 , -39, -53 Revisions 4 and 5, -53A, -60 Volumes 1 and 2, -64 Revision 2, -137, -144, -147

CNSS 1253 and risk management methodologies

Techniques used for evaluating security controls on Windows, Linux, and Unix operating systems, networking devices, databases, and web servers

Automated vulnerability and risk assessment tools such as Nessus, AppDetective/DbProtect, Hailstorm, McAfee Vulnerability Manager (Foundstone), and NMAP enterprise-level vulnerability scanning servers

Active Secret clearance required

Minimum of 15 years of relevant experience

Minimum Education: Bachelor’s Degree

At least one of the following certifications: CISSP, CCSP, CISM, GSLC, CISA, CASP, or equivalent

Prior experience as an ISSO

Must have a strong understanding of FISMA, the SDLC, RMF, and SA&A processes

FedRAMP and Cloud (Azure, AWS) experience.

Understanding and experience with CSAM is a PLUS

Travel: MUST be willing to travel 10-15% after COVID

Additionally, individuals must demonstrate proficiency in the following areas:Strong written and oral communication skills

Critical thinking

Strategy development

Balancing security requirements with mission needs

Good judgment and business acumen

Relationship management

Project management (ability to track detailed tasks and ensure timely delivery)

Ability to work quickly, efficiently, and accurately in a dynamic and fluid environment

Location:There is a teleworking option with this role until a time where the client requires the team onsite in Washington, DC.

All your information will be kept confidential according to EEO guidelines

Equal Opportunity Employer Veterans/Disabled