Sr. Cloud Information Systems Security Officer (ISSO) - Remote

Sr. Cloud Information Systems Security Officer (ISSO) - Remote
Department: GRC
Location:
Text code 4444 to 202-915-6712 to apply!
Since 2009, MindPoint Group has been the cybersecurity firm of choice for the most security-conscious US federal agencies and commercial enterprises.
We're proud to be one of Inc. 5000's fastest-growing companies in the country. With several -Best Places to Work- awards under our belts, we have a diverse employee-focused culture, accessibility, and communication between all levels and departments, and over 4 stars in reviews on Glassdoor.
Come be a part of what we're building. We use our award-winning recruitment process to seek the most skilled, experienced, and driven information security consulting experts in the industry, while simultaneously empowering applicants to determine if MindPoint Group is the right fit for them. We are profoundly invested in selecting the right people to join our team and are equally driven to expand and develop careers long-term.
With positions throughout the US, a role at MindPoint Group promises you:
An opportunity to work within one of the most diverse DC-based organizations
Generous tuition and professional development reimbursements
Mentorship opportunities with leaders focused on your growth
Competitive benefits like 401k matching, 11 federal holidays, etc.
And more!
Job Description
This role is contingent upon award. MindPoint Group is seeking an experienced Information Systems Security Officer (ISSO) to support a federal customer. The ISSO will manage the overall security-related policies, procedures, laws and regulations; create, document and implement various security plans and compliance documents to enforce Information Assurance principles. Systems are deployed using a public cloud service provider to deliver advanced capabilities to the Federal government using IaaS, PaaS, and SaaS service models.
What you get to do every day:
Advise government program managers and stakeholders on security testing methodologies and processes
Conduct impact level categorizations for Confidentiality, Integrity, and Availability of the information on a system
Conduct implementation statement reviews
Create implementation statements
Advise on systems alignment with the NIST Cyber Security Framework (CSF)
Develop, coordinate, test Contingency Plans and Incident Response Plans
Develop and document incident reporting procedures for service desk, admins, and security staff
Review system security documentation to accommodate changes to policy or technology
Evaluate certification documentation and provide written recommendations for accreditation to government PMs
Assess changes in systems, environment, and operational needs that could affect accreditation
Perform system analysis, system audits, system monitoring, security control assessment/testing, risk management, and support incident response
Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), and other relevant security documentation for existing and new systems
Review proposed change requests related to system design/configuration and performing a security impact analysis (SIA) to provide approval or denial recommendations
Implement and manage Security Controls in accordance with the current revision of NIST 800-53
Conduct system certification tests, inspections, and reviews that include verification that the features and assurances required for each protection level are in place, and prepare Security Assessment Reports
Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities
Provide continuous monitoring to enforce client security policy and procedures and create processes that provide increased visibility to system owners on impacts on the security posture of systems
Develop, maintain, and facilitate the appropriate closure of POA&Ms and any related remediation activities
Identify and support system Interconnection Security requirements
Qualifications
US Citizenship with the ability to get a Public Trust required
What skills do you need?
Bachelor of Science degree in Information Systems, Computer Engineering, Computer Science, or Cyber Security, or related major; Experience may be substituted for degree requirement
Security experience with Cloud environments required. AWS experience preferred
At least one of the following certifications: CISSP, CCSP, CCSK, CISM, GSLC, CISA, CASP, or equivalent.
Strong understanding of FedRamp
At least 12 years of experience working in Information Assurance, with at least 2 years working in an ISSO role
Familiarity with the following Security Regulations and/or Frameworks:
FISMA.
OMB Circular A-130.
Privacy Act of 1974.
o NIST 800 Special Publication Series (i.e., 800-53, 800-53A, 800-37, etc.)
Federal Risk Authorization and Management Program (FedRAMP).
NIST Cybersecurity Framework (CSF).
ISO/IEC 27017:2015 Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services.
Strong communication, problem-solving, and analysis skills
Ability to work in remote teams
Additional Information
All your information will be kept confidential according to EEO guidelines.
Compensation is unique to each candidate and relative to the skills and experience they bring to the position. The salary range for this position is typically $150-160k. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, mobile phone stipend, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!
MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
Job applicants that are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process, should contact us to request an accommodation.
Are you interested in a posted job opportunity but may not check all of the -boxes- for desired qualifications? If so, we encourage you to apply! Our commitment to sustain and champion an inclusive and dynamic community of employees is a high priority!
Text code 4444 to 202-915-6712 to apply!

#J-18808-Ljbffr