Sorry, this job is no longer accepting applications.
See below for more jobs that match what you’re looking for!
Information System Security Analyst / Information Systems Security Officer (Isso)
Summit Technologies, Inc.
Washington , DC 20001
Posted 3 weeks ago
This Job is not relevant Tell us why
Summit Technologies, Inc. has a position for an Information Systems Security Analyst / Information Systems Security Officer (ISSO). Your primary function is to provide subject matter expertise to the governments Security Program Management Office (SPMO) and Information System Security Officer (ISSO).In this dual role, you will have responsibilities for Information Systems Security Analyst functions and Information Systems Security Officer functions.This on-site position is located in Washington DC and requires a Public Trust clearance.
Systems Security Analyst
- Perform root cause analysis of audit findings.
- Develop requirements for security control remediation activities.
- Review audit closure requests and status reports for security control accuracy and completeness.
- Interpret security principles and requirements for technical teams and acquisition project teams.
- Evaluate the effectiveness of proposed solutions to audit findings and other security control weaknesses.
- Develop plans to address gaps in the General Support Systems security posture.
Systems Security Officer (ISSO)
- Perform security impact analysis of proposed configuration changes.
- Develop security control implementation statements.
- Review procedures and work instructions for security coverage.
- Review and update the System Security Plan and its supporting documents.
- Develop security recommendations following NIST guidance and security best practices.
- Tailor NIST SP 800-53 security controls to the environment.
- Support the development of security solutions.
- Create and track security Plans of Action and Milestones (POA&Ms).
- Coordinate with Platform teams to maintain currency of the systems technical description and control implementation statements.
- Perform a security impact analysis for each proposed change to the systems configuration.
- Review and update security artifacts and process/procedure documents.
- Review work instructions and operational procedures for compliance with security requirements and policy.
- Interpret security principles and requirements for technical teams.
- Collaborate with ISSOs of other FISMA systems to ensure continuous compliance with security control inheritance conditions.
- Monitor remediation of system vulnerabilities discovered by scanning tools.
Experience & Skills:
- At least five (5) years serving as, or supporting, an ISSO or ISSM.
- Demonstrated experience with Information Security engineering practices and experience with implementation of NIST security controls.
- Experience implementing the NIST Risk Management Framework.
- Broad understanding of security protections typical in enterprise environments, including security hardening, firewalls and input filtering, DiD architectures and boundary/endpoint best practices.
- Basic understanding of server, workstation, network, database and web technologies.
- Familiarity with Cyber Security Assessment and Management (CSAM), Splunk, Symantec Endpoint Protection, Tenable Security Center, IBM BigFix and Cisco IDS/IPS tools.
- Knowledgeable of security policy/manuals and other guiding policy documents.
- Ability to take a proactive and aggressive stance with minimal guidance, and function well in a team environment.
- Strong presentation, communication and writing skills.
- Fluent in all Microsoft Office products (Word, PowerPoint, Excel, Project, Visio).
Education & Certification(s):
- Bachelors degree or 9 years of additional security-related experience may be substituted.
- Active CompTIA Security+ or (ISC)2 CISSP certification
- Administrator-level expertise in at least one of the following technology areas:
- oMicrosoft Windows (Server 2008 or 2012, Windows 10)
- oUnix (Solaris 10 or 11)
- oLinux (RHEL 5 or 6)
- oIP networks (IPv4, TCP and UDP transport, VLANs, WLAN)
- All candidates for consideration must be eligible to obtain a Public Trust Clearance.
If you are a good match and interested in more information, please reply or forward the following information to firstname.lastname@example.org place "5445" in the email subject line:
- Updated resume in Word format; including MM/YYYY for each employer
- Best times and ways (email address and phone numbers) to reach you
- Desired compensation (salary or hourly-no benefits)
- Availability to interview and start
Summit Technologies Inc. appreciates your interest. We will contact the best prospects, and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. Summit Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, protected veteran status, or disability status.