Senior Information Systems Security Officer

Job ID 2411531-3449

Location REMOTE WORK, VA, US

Date Posted 2024-09-09

Category Cyber

Subcategory Cybersecurity Spec

Schedule Full-time

Shift Day Job

Travel Yes, 10 % of the Time

Minimum Clearance Required None

Clearance Level Must Be Able to Obtain Public Trust

Potential for Remote Work No

Description

SAIC is seeking a Senior Information System Security Officer (ISSO) for our team to support a government customer. The primary responsibilities for the position are to support all activities that ensure the level of security documented with the security authorization is maintained at an acceptable level of risk. The nature of the work requires that the candidate demonstrate initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment. The candidate must be able to communicate effectively and decisively with all levels of the organization and be able to solve practical problems as well as exercise sound judgement with regards to sensitive and confidential information. The candidate will also proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance to their scheduled completion dates.

• Applies extensive knowledge of a variety of the Cybersecurity field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems.
• Applies extensive experience with the implementation of the NIST SP 800 family of publications, particularly those associated with NIST’s Risk Management Framework and FedRAMP.
• Applies extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements.
• Applies extensive experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines.
• Applies extensive knowledge and experience with all the following criteria
• Vulnerability scanning execution, assessment, and analysis
• Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
• Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
• Application security, database security, and network security
• Relies on extensive experience and judgment to plan and accomplish goals.
• Works independently to solve problems quickly and completely.
• Possess experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems.
• Possess ability to assess and weigh current and evolving security threats in an operational environment.
• Outstanding problem solving and analytical skills, including ability to create clear observations, analysis and conclusions based on customer interviews and data.
• Team player who can collaborate with multiple stakeholders to arrive at the best solution.
• Relies on extensive experience and judgment to plan and accomplish goals. Works independently to solve problems quickly and completely.
• Experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems
• Provides objective advice and specialized skills in order to create value, maximize growth or improve performance, resiliency and protection against cybersecurity related threats, vulnerabilities, and other cybersecurity related remediation activities.
• Participates in consulting projects that deliver customer focused results aligned with strategic goals of the Client.
• Facilitates review and analysis of strategic issues and advises regarding implementation of strategy.
• May assist in conducting education classes. May provide support in the following areas guidance to resolving issues, analysis of trends and issues, development of procedures and processes, oversight of technical implementation and execution of strategic plans.
  

Qualifications

Required

• BS and 5 years experience of cybersecurity & FISMA experience (4 years experience in lieu of degree)
• Possess one of the following certifications
• Certified Information Systems Security Professional (CISSP)
• CompTIA Advanced Security Practitioner (CASP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• GIAC Security Leadership (GSLC)
• Specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements
• Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework
• Specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
• Knowledge and experience with the vulnerability scanning execution, assessment, and analysis
• Knowledge and experience with the operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])
• Knowledge and experience with information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies
• Knowledge and experience with application security, database security, and network security
• Knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework
• Experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines
• Ability to assess and weigh current and evolving security threats in an operational environment
  

Desired

• Current experience providing ISSO support to DHS
• Experience supporting systems hosted in Cloud environments
• Experience supporting systems in Agile and DevOps environments
  
  

Target salary range $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.