Information Systems Security Officer
Vacancy expired!
Position Overview System High Corporation delivers the most advanced protection and secrecy solutions to secure and strengthen critical missions, programs, operations, and intelligence activities. We are seeking an Information Systems Security Officer to join our team with the Defense Advanced Research Project Agency (DARPA) to help contribute to our success and help us solve problems with innovation through intelligence. Duties include, but not limited to:
- Ensuring that Stakeholders adhere to Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under The Federal Information Security Management Act (FISMA) of 2002
- Lead RMF A&A efforts including activities within the A&A cycle and outside of the SCA functions, work directly with ISSM, ISO, and AO, work with engineering and support staff to secure systems and ensure compliance, and maintain POAMs.
- Responsible for ConMon (Primarily completed through Splunk. Small number of manual/administrative checks).
- Assist with IR activities
- Assist with vulnerability scanning using Tenable Nessus (also includes STIG (hardening) compliance).
- Accountable for the real-time analysis, commentary, and handling of security events
- Contribute to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight.
- Minimum 6 years' experience in computer science or cyber related field
- Experience with NIST 800-37, 800-137, 800-53 rev 4 and understanding of draft rev 5, 800-39, 800-171 and 800-171A for self-assessments, 800-60, NIST 800-100, NIST 800-18, NIST 800-53 rev 4 guidelines and NIST 800-53a security controls assessment practices.
- Experience with systems engineering design and development toward a "baked-in" security design using Information Assurance best practices.
- Understanding of the FedRAMP process, coordinating with 3PAO's, and migrating on prem systems to an accredited cloud-based solution (e.g., AWS (GovCloud), Azure)
- Understanding of vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports
- Knowledge of vulnerability management, risk management, project management, proficient with Microsoft products - Word, Excel, PowerPoint
- Experience with Tenable's Nessus and/or Security Center, IBM Guardium, HP WebInspect, or Network Mapper is a plus
- Risk assessment experience, especially with NIST 800-53 Threat identification, system security categorization, gap analysis, and compliance reporting
- Must be able to apply and validate security patches as they align to NIST guidelines, client policies and procedures, and OMB Mandates.
- Experience with creating or maintaining security artifacts as part of the ATO package including but not limited to; System Security Plan (SSP), Contingency Plans (CP), Disaster Recovery Plans (DRP), Plan of Action and Milestone (POA&M), Incident Response (IR), and other security documentation.
- Top Secret (TS) clearance
- Bachelor's degree. Can be substituted for associates degree with 2+ years relevant experience or 4 years relevant experience.
- This job description is not designed to cover or contain all job duties required of the employee. There may be additional activities, duties and/or responsibilities that are required for this position that are not listed in this job description.
- In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
- System High is a Military friendly employer. Our extensive work on behalf of the U.S. government offers those who have served in uniform an opportunity to continue to serve their country in a new and exciting way while enjoying a successful civilian career.
- System High values the power and strength of diverse backgrounds on the culture and performance of our company. We strive to maintain an inclusive culture to encourage each employee to bring their whole self to the mission.
- System High Corporation is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
- Equal opportunity legal notices can be viewed on the following PDFs: EEO is the Law; EEO is the Law Supplement; Pay Transparency Nondiscrimination