Match score not available

ISSO

extra holidays - extra parental leave

Remote:

Full Remote

Contract:

Full time

Experience:

Mid-level (2-5 years)

Work from:

United States

Offer summary

Qualifications:

Bachelor's degree, 2-4 years experience in cybersecurity, Active certification (CASP, CISSP, etc.), Familiarity with Federal Zero Trust requirements, Advanced Microsoft Office skills.

Key responsabilities:

Prepare documentation for FedRAMP requirements
Develop briefings for Government management
Support Security Authorization and control assessments
Perform document reviews on security operations
Provide technical security solutions to development teams

ASRC Federal XLarge https://www.asrcfederal.com/

5001 - 10000 Employees

See more ASRC Federal offers

Job description

ASRC Federal is seeking experienced Cyber Security Independent Assessor with experience assessing Federal agency compliance with the DHS CISA Zero Trust Maturity Framework in support of a new government program. This program will support and augment ongoing efforts to achieve, maintain, continuously improve, and integrate ZT operational capabilities and solutions across ZT pillars. The purpose of this program is to provide enhanced capabilities and integration of operational capabilities and services across ZT pillars to accelerate ZT maturity beyond its current rate, and achieve and maintain White House, OMB, and DHS ZT maturity goals over the next two years.

ISSO/ISSM SMEs will support the security activities associated with evaluating, assessing, implementing, and managing security practices and continued operations of new and existing technologies for assigned systems in a Zero Trust environment. ISSO SMEs shall perform all duties and responsibilities in accordance with NIST SP 800-37, Risk Management Framework for Information Systems and Organizations, DHS 4300A, Zero Trust Framework, FISMA and other applicable guidance. This position is REMOTE.

Responsibilities

 

Prepare documentation to support the operations of FedRAMP requirements.
Develop briefings and presentations for Government PM and Executive Management.
Provide security recommendations.
Support Security Authorization Processes, Security Control Assessments, and Ongoing Authorization activities as required and as directed by the customer.
Provide technical security solutions and control implementation recommendations to the development teams based on industry best practice and Federal requirements.
Perform comprehensive document reviews (DR) on risk management and security operations documentation, in alignment with DHS, USCIS, Zero Trust and FISMA requirements.
Perform independent reviews of system self-assessments of Zero Trust maturity

ASRC Federal Advantages

Learning and Development: After 90 days of employment, regular full-time employees are eligible to participate in our professional development program including funds annually to go towards Associate’s, Bachelor’s or Graduate Degrees; Industry standard professional certification; A professional certificate program; Continuing education classes; and Registration fees to attend professional conferences.
Employee Resource Groups: That provide our employees the opportunity to collaborate and network with colleges with common interests, backgrounds, and experiences including Women's Impact Network (WIN), Multicultural ERG, Military Community (MILCOM), and Pride ERG for LGBTQ+ employees and allies.
Purpose Driven Careers: Certified Great Place to Work™; Certified Military Times' 'Best for Vets' and Military.com ‘Top 25 Veteran Employer.’
Benefits: Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability, as well as a 401K with generous company match and immediate vesting.
Holidays: 11 paid holidays.

Requirements

Requirements

Must be a US Citizen able to obtain an agency-specific suitability / public trust clearance prior to starting.
Familiarity with Federal Zero Trust requirements and assessing agency Zero Trust maturity in accordance with DHS CISA Maturity Model
Will have or be able to attain at least one active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, and CISA; or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis).
2 - 4 years of experience with analyzing, assessing, and implementing corrective actions based on vulnerability and configuration management tools.
2 - 4 years of experience with technical writing, administrative tasks, and conducting briefings.
Bachelor's Degree
Excellent customer service, analytical, problem solving, and interpersonal skills.
Ability to work independently and function as an integral part of the team.
Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected.
Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints.
Advanced Microsoft Office skills.
Familiarity with NIST SP 800-53, RMF, FISMA, and DHS policies.
Strong analytical and problem-solving skills.

Desired Skills And Qualifications

Security experience with systems in the cloud; specifically, AWS, Google, or Azure.
Experience with CI/CD - Deployment pipeline (e.g., Jenkins, Ansible).
Ability to provide security recommendations during the change management process.
Knowledge of Twistlock, Nessus, and Burp Suite vulnerability scanners.
Ability to function as a technical and security expert across multiple project/task areas.
Ability to work on high priority, ad hoc requests such as data calls, Senior Management (CIO, CISO, etc.) Initiatives, and customer mandates.
Deep understanding of Zero Trust and Security Regulations, such as NIST Publications and OMB Memoranda.