Job Description - Information Systems Security Officer
ITCON Services
is seeking to hire a motivated and knowledgeable
Information Systems Security Officer (ISSO)
to join our team. The ISSO will work with multiple teams of developers and analysts in a dynamic environment. The ideal candidate should be able to multi-thread work in different customer environments.
Required active certification:
Certified Information System Security Professionals (CISSP)
Certified Authorization Professionals (CAP)
CISSP Required!
The Information Security Analyst responsibilities will include:
Scanning and analyzing Information Systems for security vulnerabilities
Reviewing scan reports to determine remediation path
Working with the project teams to implement vulnerability remediation
Tracking and resolving POAMs on time
Producing actionable; risk-based reports on security assessment results
Managing; training and mentoring more junior team members
Assisting with vulnerability remediation when necessary
Developing necessary documentation to secure Federal System ATO
Design, develop, and recommend integrated security system solutions that will ensure proprietary and confidential data and systems are protected
Provide technical engineering services for the support of integrated security systems and solutions
Interface with clients in the strategic design process to translate security and business requirements into technical designs
Configure and validate secure complex systems, tests security products and systems to detect security weaknesses. In addition to technical tasks, the candidate will be responsible for mentoring junior team members, contributing to technical solutions across multiple projects, and providing input on technical proposals.
At ITCON, we offer competitive compensation, paid training and development opportunities, healthcare benefits that start on your first day, commuter benefits, work-life balance, and the opportunity to work alongside an amazing and growing team.
Applicant must be a permanent resident or citizen of the United States and clearable for Public Trust clearance with the U.S Government.
Required Skills and Qualifications
8+ years of experience in complex regulatory and audit program, focusing on secured cloud capabilities, to include Authorization to Operate (ATO) in multi-tenant environment
Ability to work as a self-starter with the ability to bring innovative ideas to improve customer delivery
Ability to communicate in a clear and efficient manner in a team environment
Ability to collaborate and contribute in a high performing team to delight our customers
Thorough understanding of NIST 800
Computer Security, Cyber Security, and Risk Management Framework.
Experience in interpreting IT vulnerability scanning results.
Experience in managing security Certification and Accreditation activities utilizing common control frameworks
Experience with risk mitigation and selecting or designing appropriate security controls for implementation
Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings
Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and Fed Ramp cloud environments
Experience in coordinating, monitoring, and tracking security activities across multiple organizations
Experience in managing security posture of cloud environment, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement
Demonstrated understanding and experience with DevSecOps
BA or BS degree in Science, Technology, Engineering, or Mathematics
Hold active certification: Certified Information System Security Professionals (CISSP) and Certified Authorization Professionals (CAP).
Desired Skills and Qualifications
Experience project leadership in monitoring computer networks and security issues, investigating and resolving security and cybersecurity incidents.
Experience in developing system/application certification and accreditation documentation.
Experience working with Agile teams and SAFe to perform testing and uncovering system and network vulnerabilities
Experience in documenting security incidents and performing security vulnerability assessments
Risk assessment experience, threat identification, security categorization, gap analysis, and compliance reporting.
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in the US.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast!
Find the best jobs in the US, apply in 1 click and get a job today!