Information Systems Security Officer

ITCON Services

is seeking to hire a motivated and knowledgeable

Information Systems Security Officer (ISSO)

to join our team. The ISSO will work with multiple teams of developers and analysts in a dynamic environment. The ideal candidate should be able to multi-thread work in different customer environments.

Required active certification:

Certified Information System Security Professionals (CISSP)

Certified Authorization Professionals (CAP)

CISSP Required!

The Information Security Analyst responsibilities will include:

Scanning and analyzing Information Systems for security vulnerabilities

Reviewing scan reports to determine remediation path

Working with the project teams to implement vulnerability remediation

Tracking and resolving POAMs on time

Producing actionable; risk-based reports on security assessment results

Managing; training and mentoring more junior team members

Assisting with vulnerability remediation when necessary

Developing necessary documentation to secure Federal System ATO

Design, develop, and recommend integrated security system solutions that will ensure proprietary and confidential data and systems are protected

Provide technical engineering services for the support of integrated security systems and solutions

Interface with clients in the strategic design process to translate security and business requirements into technical designs

Configure and validate secure complex systems, tests security products and systems to detect security weaknesses. In addition to technical tasks, the candidate will be responsible for mentoring junior team members, contributing to technical solutions across multiple projects, and providing input on technical proposals.

At ITCON, we offer competitive compensation, paid training and development opportunities, healthcare benefits that start on your first day, commuter benefits, work-life balance, and the opportunity to work alongside an amazing and growing team.

Applicant must be a permanent resident or citizen of the United States and clearable for Public Trust clearance with the U.S Government.

Required Skills and Qualifications

8+ years of experience in complex regulatory and audit program, focusing on secured cloud capabilities, to include Authorization to Operate (ATO) in multi-tenant environment

Ability to work as a self-starter with the ability to bring innovative ideas to improve customer delivery

Ability to communicate in a clear and efficient manner in a team environment

Ability to collaborate and contribute in a high performing team to delight our customers

Thorough understanding of NIST 800

Computer Security, Cyber Security, and Risk Management Framework.

Experience in interpreting IT vulnerability scanning results.

Experience in managing security Certification and Accreditation activities utilizing common control frameworks

Experience with risk mitigation and selecting or designing appropriate security controls for implementation

Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings

Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and Fed Ramp cloud environments

Experience in coordinating, monitoring, and tracking security activities across multiple organizations

Experience in managing security posture of cloud environment, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement

Demonstrated understanding and experience with DevSecOps

BA or BS degree in Science, Technology, Engineering, or Mathematics

Hold active certification: Certified Information System Security Professionals (CISSP) and Certified Authorization Professionals (CAP).

Desired Skills and Qualifications

Experience project leadership in monitoring computer networks and security issues, investigating and resolving security and cybersecurity incidents.

Experience in developing system/application certification and accreditation documentation.

Experience working with Agile teams and SAFe to perform testing and uncovering system and network vulnerabilities

Experience in documenting security incidents and performing security vulnerability assessments

Risk assessment experience, threat identification, security categorization, gap analysis, and compliance reporting.

#J-18808-Ljbffr