Information Systems Security III Specialist – ISSO
ODME Solutions, LLC
We Engineer Solutions that Deliver Results. Fast, Effective, and Efficient.
Philadelphia, PA
Posted 1 year ago
Work Status: Full-Time
Location: Philadelphia, PA
Security Clearance: Secret
Requisition Number: CU-ISS-III-ISSO-001
The Information Systems Security III Specialist will support efforts to integrate new technology with IT security standards, technical writing, governance, and policy development/management required to develop, evaluate Information Assurance Assessment and Authorization (A&A) for servers and systems, and validation for systems.
Responsibilities:
- Research and recommend any corrections of CS non-compliance findings.
- Review and analyze network security requirements, network design, and software and hardware, as well as analysis to ensure security controls are implemented in compliance with CS policies and standards.
- Ensure accreditation and authorization packages for systems within the assigned technical department are developed, maintained, and updated.
- Work with the ISSM to tailor the delivery of Cybersecurity Program elements, such as accreditation requirements and strategies, to ensure effective dissemination and implementation within the assigned technical department.
- Ensure information systems are operated, used, maintained, and disposed of in accordance with security policies and practices as required by the authorization package.
- Manage and implement the cybersecurity process, and oversee weekly documentation in accordance with the Risk Management Framework (RMF) to obtain assigned system’s, enclaves, and boundaries Authority to Operate (ATO).
- Track and report on production of system cybersecurity artifacts and status of cybersecurity Assessment & Authorization (A&A) efforts.
- Examine system services and provide guidance to users in assigned department on disabling services, review vulnerability findings with SMEs to determine potential impact of remediation efforts, and devise system remediation and associated test procedures based on vulnerability scan results, STIG findings, and review of system services.
Requirements:
- Eight years of experience coordinating with various levels of an organization to enact required security changes to ensure compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and support cyber incident-response by isolating potentially effected assets, initial investigation and data collection, through status updates/reporting.
- CAP, GSLC, Security+ CE
- Master’s degree in computer science, information technology, or an equivalent technical degree from an accredited college or university.