Information Systems Security Officer (ISSO)

Iron Bow Technologies is seeking an experienced Information Systems Security Officer to support an existing, long-term Federal Government customer, the Department of Justice (DOJ).  Our Information Systems Security Officer will provide IT Security Support to the DOJ Civil Division (CIV) including Information System Security reviews and assessments, drafting/maintaining documentation, system audits, vulnerability management, risk assessment, product evaluation, security implementation and remediation, security incidents and network security support.  This is an onsite position at the customer’s site in Washington, DC.  There may be an opportunity for a hybrid schedule with up to 2 days/week remote after becoming fully engaged with the position.  Candidates should be aware that a hybrid schedule can change without advance notice so that we are aligned with the customer’s expectations.

WHAT YOU’LL BE DOING

The Information Systems Security Officer participates in the review of identified new technologies or policies (e.g., Cloud Solutions fully off premise or hybrid, Continuous Diagnostic and Mitigation (CDM) technologies, anomaly-based tools, virtual environments) to determine any impact on CIV systems and report findings.  You will also participate in the development of monthly, quarterly, and annual Federal Information Security Management Act (FISMA) reporting documents and recommend enhancements that will be shared with CIV IT leadership.  Responsibilities include:

• Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, security implementation, and remediation.


• Extensive experience in documenting and managing Plans of Action and Milestones (POA&Ms). Proven ability to categorize security risks, prioritize corrective actions, and monitor progress toward mitigating technical and administrative vulnerabilities.


• Draft various security documents that either adhere to existing/revised standards or draft a first-time document that aligns with standards and logically includes all necessary information needed to effectively represent the system.


• Provide technical assistance in the designing and implementation of solutions for protecting confidentiality, integrity and the availability of sensitive information.


• Provide technical support and analysis in the identification, evaluation, investigation, and remediation of cyber and insider threats.


• Provide technical evaluations of CIV systems and assist with making security improvements.


• Participate in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to the CIV.


• Performs assessment of present levels of cyber security, offer recommendations on levels of risk, training personnel in proper cyber security protocols.


• Conduct security product evaluations, and recommend products, technologies and upgrades to improve the CIV systems security posture.


• Conduct testing and audit log reviews to evaluate the effectiveness of current security measures.


• Support and prepare security documentation for CIV systems for submission to designated reviewers.


• Participate in the management of accreditation of the CIV systems evaluating and certifying the implementation FISMA, the NIST security guidelines, and the Department’s plans, policies and guidelines.

WHAT YOU BRING TO THE TABLE

• A minimum of 8 years of progressive, technical (hands-on) experience in Information Assurance C&A, including being a key contributor to the various security documents created and maintained for the system.


• Being onsite on planned days – this position does require onsite support.


• Experience working as an ISSO supporting federal government information systems including developing and maintaining POA&M documentation.


• Experience with ISO, NIST and US Government standards and cybersecurity frameworks (e.g. FISMA, FIPS, HSPD), system administration. Additional understanding of IRS Publication 1075 for the safeguarding of Federal Tax Information(TFI).  


• Experience creating/maintaining system documentation that adheres to the existing documentation standards, as well as drafting first-time documentation that includes all relevant and necessary information about the security posture of the system.


• IT security management, engineering, and analysis experience.


• Experience with ATT and ATO readiness following RMF Lifecycle execution guidelines.


• Performance with continuous monitoring accredited systems, including metrics, timelines, and escalation paths.


• Experience with boundary protections, preferably in a hybrid environment.


• Ability to build a security package that includes control inheritance.


• Must be a US citizen- TS/SCI clearance is required 


• BS. in Information Technology or a closely related field.


• Active CISSP certification or CISM certification.

TRAVEL REQUIREMENTS

This position requires candidates based in the greater Washington, D.C. metropolitan area so that they are accessible to multiple DC-area locations.  There are no travel requirements outside the DC metro area.

WHY YOU’LL LOVE IT

• Be a leader in providing the highest level of customer experience in a fast-paced and exciting environment and a role model for team members.


• Iron Bow is rapidly growing and with growth comes opportunity for all.  There is palpable energy and momentum across the company that is easy to tap into and be inspired by. 


• Be a part of organizational transformation.  Now’s the time to join.  Iron Bow is redesigning customer and employee experiences.  This new approach elevates all and truly enables success.                        #LI-PD1 #LI-HYBRID