Senior Information System Security Officer – ISSO
Company | KBR |
---|---|
Location | Chantilly, VA, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s Degree in computer science, information systems, or related field and at least ten (10) years of relevant work experience in IT or cybersecurity
- Minimum of five (5) years of experience performing ISSM or ISSO duties in classified environments
- DoD 8140-compliant baseline certification (CISSP preferred)
- Experience with cloud service providers (CSPs) (e.g. AWS, Azure)
- Demonstrated experience with Risk Management Framework
- Familiarity and experience with technologies such as eMASS, Xacta, ACAS, and Splunk
- Experience in assessing systems using NIST 800-53 and/or DISA STIGs and SRGs
- Excellent oral and written communication skills
Responsibilities
- Develop, update, and/or review RMF documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), Risk Assessment Report (RAR), and Security Assessment Plan (SAP)
- Assess system compliance against NIST, DoD, and IC security requirements to include the NIST 800-53 and 800-171 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
- Provide Subject Matter Expert (SME) knowledge on matters related to RMF activities across multiple systems and networks of various classifications
- Develop and implement information security policies, procedures, and guidelines in accordance with industry best practices, regulatory requirements, and required government policy (e.g. JSIG, NISPOM, NIST SP 800-171, NIST 800-53)
- Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity policies
- Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes
- Collaborate with cross-functional teams to ensure the security of new and existing systems and applications
- Other duties as assigned
Preferred Qualifications
- CISSP preferred