ISSO Specialist - LLJP00001448 at Softworld Inc
Lexington, MA
About the Job
Job Title: ISSO Specialist
Job Location - Lexington MA 02420
Onsite Requirements:
- NIST 800-53
- Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
- Prior ISSO experience
Job Description:
- This role supports Air Force programs, and the client prefers candidates with mid-level experience:
- Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
- Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
- Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
- Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stakeholders.
- Recognize a possible security violation and take appropriate action to report the incident, as required.
- Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.
- Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.
- Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
- Lead and align information technology (IT) security priorities with the security strategy.
- Prepare for and participate in periodic organization compliance assessments.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Education and Certifications:
- BS degree is preferred but not required
- Security Plus is the minimum 8570 certification requirement.
Must Have
- Admin
- System Auditing 4 years
- Certification
- Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security) Yes
- Experience
- Regulatory & Compliance 4 years
- Government Policy/Regulations
- STIGs/SCAP 4 years
- Security
- Assessing Security Controls (CS105.16) 4 years
- Assessment and Authorization 4 years
- Authorizing Systems (CS106.16) 4 years
- Categorization of the System (CS102.16) 4 years
- Continuous Monitoring (CS200.16) 4 years
- Implementation of Controls (CS104.16) 4 years
- Monitoring Security Controls (CS107.16) 4 years
- NIST 800-53 4 years
- NIST SP 800-37 4 years
- Risk Management Framework (RMF) 4 years
- Selecting Security Controls (CS103.16) 4 years
Nice to Have
- Bachelor's Degree