Senior Information Security Officer – Isso
| Company | AnaVation LLC |
|---|---|
| Location | Reston, VA, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Demonstrates strong experience with IC/DoD customer’s Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
- Experience in developing and implementing DoD/DIA approved information security controls, procedures and documentation for the operation of standalone classified systems
- A Bachelor’s Degree from an accredited institute in an area applicable to this position and eight (8) years of relevant experience
- An additional four (4) years of relevant experience may be substituted for the bachelor’s degree
- Must presently be 8570 compliant (IAT Level 2 preferred); must be 8570 compliant (IAT Level 2)
- Experience with one or more commercial government cloud service provider’s system accreditation processes
- Experience with the Xacta
- Experience as a Cybersecurity Control Assessor for SAP
- Experience with Ongoing Authorizations and Assessments
- Experience with C2S Cloud, or DevOpsSec)
- Active TS/SCI with CI Poly
Responsibilities
- Responsibilities are full time on customer’s onsite and will cover classified programs and Special Access Programs (SAP). No Telework.
- Provide subject matter expertise and consulting on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures.
- Assist in overseeing and managing day-to-day operation of SAP Information Systems.
- Optimize system operation and resource utilization and performs system capacity planning/analysis while maintaining the security posture.
- Assist team in DIA’s Authorization and Accreditation (A&A) process using RMF across the design lifecycle for classified systems obtaining and maintaining Interim Authority to Operate (ATO), ATO and Authority to Connect (ATC).
- Create and process RMF authorization SAP packages from submission to approval/disapproval
- Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures.
- Provide recommendations regarding remediation and mitigation of identified vulnerabilities by developing plan of action and milestones (POA&Ms).
- Advise developers on integrating security requirements
- Demonstrate a strong understanding of Networks, Cloud, and IT system security authorization procedures.
Preferred Qualifications
-
No preferred qualifications provided.