ISSO Specialist - LLJP00001448 at Softworld Inc

Job Title: ISSO Specialist

Job Location - Lexington MA 02420

Onsite Requirements:

• NIST 800-53
• Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
• Prior ISSO experience
  

Job Description:

• This role is supporting Air Force Programs and Client prefers candidates with mid-level experience:
• Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
• Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
• Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
• Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stake holders.
• Recognize a possible security violation and take appropriate action to report the incident, as required.
• Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
• Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.
• Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
• Lead and align information technology (IT) security priorities with the security strategy.
  Prepare for and participate in periodic organization compliance assessments.
• Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.

Education and Certifications:

• BS degree is preferred but not required
• Security Plus is the minimum 8570 certification requirement.

Must Have

• Admin
• System Auditing 4 years
• Certification
• Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security) Yes
• Experience
• Regulatory & Compliance 4 years
• Government Policy/Regulations
• STIGs/SCAP 4 years
• Security
• Assessing Security Controls (CS105.16) 4 years
• Assessment and Authorization 4 years
• Authorizing Systems (CS106.16) 4 years
• Categorization of the System (CS102.16) 4 years
• Continuous Monitoring (CS200.16) 4 years
• Implementation of Controls (CS104.16) 4 years
• Monitoring Security Controls (CS107.16) 4 years
• NIST 800-53 4 years
• NIST SP 800-37 4 years
• Risk Management Framework (RMF) 4 years
• Selecting Security Controls (CS103.16) 4 years

Nice to Have

• Bachelor's Degree