Senior Specialist/Information Security Officer (Isso)

COMPANY OVERVIEW:

ASI Government provides government leaders with the expertise they need to navigate acquisition and organizational challenges so they can make an impact and achieve their goals. For over 25 years, ASI has transformed the way government does business, impacting over 70 government agencies across the civilian, defense, and intelligence communities.

Do you thrive on creating unique and impactful value for federal clients? Are you passionate about partnering with clients and collaborating to create solutions? Do you enjoy the opportunity to drive change that impacts our nation? We are looking for smart, curious, driven individuals to join us in partnering with our clients to help them solve some of the nation's most challenging problems.

ASI Government serves as a trusted adviser to government leaders seeking improved performance, enhanced organization effectiveness, and strategic change.

ASI is actively seeking 2 Information Systems Security Officers (ISSO).

JOB DESCCRIPTION: The following Information Systems Security Officers (ISSO) support services shall be provided to the Federal Bureau of Prisons. The contractor, serving as the ISSO, shall prepare and maintain correct, thorough, and timely inputs to accreditation packages and critical documents that stipulate concepts, requirements, continuity, and contingency in accordance with current network accreditation processes.

POSITION REQUIREMENTS:

• Provide analyses and decision support information for the A&A to make system/network risk management determinations for an Authorization to Operate (ATO).

• Provide draft inputs to security policies and guidance, based on Government requirements and industry best practices.

• Provide artifacts and information required for audits and inspections.

• Develop and maintain matrices to track and analyze trends in IA readiness and compliance.

• Manage and track all Plan of Action and Milestones (POA&Ms) created by the organization to address identified weaknesses, vulnerabilities, and audit/assessment findings from creation to closure.

• Coordinate and implement Information Operations Conditions (INFOCON) measures as necessary.

• Utilize tools and tracking mechanisms that shall automate reporting and data collection of Information Security (INFOSEC) associated vulnerabilities.

• Provide continuous monitoring of all enterprise-managed assets.

• In-depth knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.

• Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.

• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.

• Possesses demonstrated expertise in and capability to perform full range of Information System Security to include:

• Assist in identifying, implementing, and assessing security, privacy, and common controls.

• Work with system stakeholders to develop the SSPP, SAR, ISCP, Incident Response Plan (IRP), Configuration Management Plan (CMP), MOU/A, Interconnection Security Agreements (ISA), POA&Ms, and related information system documentation to include ISO memos, Project Plan, FIPS 199, System Security Plan (SSP) and control plans.

• Ensure common controls are available for inheritance by other information systems.

• Ensure systems operate, maintain, and dispose of information and data per DOJ policies and procedures.

• Report and support the SO with all security-related incidents.

• Monitor system recovery processes and ensure proper information system security features restoration.

• Perform security and privacy control assessments and information security continuous monitoring (ISCM) per DOJ's frequencies.

• Serve as a Configuration Control Board (CCB) member to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.

• Complete the security impact assessment for any system-related change that could affect the security posture of the information system.

• Address information system security requirements during all phases of an information system lifecycle.

• Review system audit logs, maintain evidence of review, and report completion of audit log review to the SO.

• Review and analyze automated scan results and work with stakeholders to document remediation activities.

• Monitor the security posture of the information system and report any anomalies.

• Proficiency with Microsoft Office Suite.

MINIMUM QUALIFICATIONS

• Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Experience equivalency will be considered if no degree.

• Minimum of 7 years of experience in information security, with at least 2 years in a leadership or managerial role.

PREFFERED QUALIFICATIONS

• Master's degree in a related field.

• Professional certifications in cybersecurity (e.g., CISSP, CISM, CompTIA Security+) preferred.

CLEARANCE REQUIREMENTS: Ability to obtain and maintain a secret clearance

LOCATION: Remote

DESIRED START DATE: Determined upon award. As early as the beginning of May 2024

Equal Opportunity: ASI Government is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability. To view the EEO Is the Law Poster, click here.

E-Verify: ASI Government participates in E-Verify, a service of DHS and SSA. See the E-Verify Notice and Learn About your Right to Work here and here.

ASI is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, please send an email to HR@asigvot.com or call 703-253-6300 and let us know the nature of your request.