Posted in

IBS Enterprise Operations Lead ISSO

IBS Enterprise Operations Lead ISSO

CompanyCACI
LocationOdenton, MD, USA
Salary$86600 – $181800
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior

Requirements

  • Active TS/SCI clearance
  • Bachelor’s degree +5 years’ experience or 10 years’ direct IBS experience in lieu of education
  • Expert-level knowledge of RMF, NIST SP 800 series and relevant DoD and Agency cybersecurity policies
  • Strong understanding of vulnerability management lifecycle, threat intelligence concepts, incident response methodologies, and risk assessment
  • Knowledge of computer networking, operating systems, security architectures, and common vulnerabilities
  • Excellent analytical, organizational, leadership, and communication skills. Ability to synthesize complex information and communicate effectively to diverse audiences
  • CompTIA Security+ Certification

Responsibilities

  • Act as subject matter expert within the organization for all aspects of Cyber Security (CS) for IBS system.
  • Manage the IBS Enterprise Operations cyber security program ensuring all systems meet agency requirements for compliance, authorization and continuous monitoring.
  • Maintain government information system (IS) authorizations and re-authorizations.
  • Manage all information security aspects of modernization requirements through the RMF process through Authorization to Operate (ATO).
  • Responsible for migrating IS security controls for reauthorization from NIST 800-53 Rev 3 to NIST 800-53 Rev 5.
  • Utilize agency cybersecurity tools to conduct auditing, NESSUS vulnerability scanning, vulnerability mitigation and security control review to meet continuous monitoring mandates.
  • Author Body of Evidence documents required for accreditation and reaccreditation packages.
  • Document all security-relevant changes to IBS System Security Plans (SSP) in XACTA IA Workflow Manager.
  • Interpret and provide guidance on current agency cybersecurity policies and procedures to users, administrators, system/data owner and organization leadership.
  • Coordinate with Security Control Assessors (SCA) to define the scope of testing required to validate currently implemented security controls are compliant with policy and the accredited security posture for system authorization/reauthorization.
  • Serve as Subject Matter Expert (SME) and primary point of contact for all Computer Security Incidents and required reporting.

Preferred Qualifications

  • CISSP certification