Information System Security Officer II

Overview

Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specializing in local and enterprise-level incident response and forensic analysis, Hawk's personnel deliver threat analysis and reporting while implementing solutions based on mature planning and development practices.

Summary:

Goldbelt Hawk has an immediate need for a Top Secret cleared Information Systems Security Officer (ISSO) in Washington, DC. The work site is in downtown, Washington DC. Telework is available during the COVID pandemic at the discretion of the Federal Program Manager.

Responsibilities

Essential Job Functions:

• Provides ISSO support to a classified system or systems.

• Serves as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO)/ Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system.

• Supports cyber security engineering tasks such as developing security specifications/architecture/ plans, developing, implementation/support of trusted computing bases.

• Ensures compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting.

• Ensures security awareness and precautionary measures are exercised to prevent the introduction and/or proliferation of malicious code or other adverse IS conditions. This includes exercise of continuity and/or disaster recovery plans, as required.

• Promotes an environment of continuous process improvement and team collaboration.

• Works closely with the Technical Teams to maintain the various system and applications Assessment & Authorization (A&A) status within the Risk Management Framework (RMF)

• Researches and maintains knowledge of Information Assurance (IA) policies and practices,

• Develops and maintains System Security Plans (SSPs) and all other system security documentation, review and update them at least annually for all assigned systems.

• Supports risk assessment and evaluation activities throughout the site accreditation process.

• Reviews risk assessment reports, supports analysis of the findings and provides expert technical guidance for mitigation strategy including implementation advice on the cyber security risk findings and other complex problems.

• Provides guidance, oversight, and expertise, and if required develops and implements security documents and security controls.

• Coordinates, facilitates, or otherwise ensures timely completion of security-related tasks.

• Ensures that security-related Standard Operating Procedures (SOPs) are developed and maintained.

• Initiates, with ISSM or SO approval, protective and corrective measures when a security incident or vulnerability is discovered.

• Ensures that system security r