3 days old

Information Systems Security Officer

Washington, DC 20004
Apply Now
Apply on the Company Site
Business Group Highlights

Civilian, State and Local

Perspectas Civilian, State and Local segment partners with the U.S. Federal Civilian State and Local governments to provide infrastructure services, business solutions, and digital transformation services that help them achieve policy objectives and integrate citizen-centric services.

Responsibilities

General overview: Provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle. Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems. Ensures products and systems comply with requirements and government information assurance and cyber security standards and practices through formal verification methods. Verifies/validates systems with specific emphasis on network operations and cyber warfare tactics, techniques, and procedures focused on the threat to information networks. Assesses performance using evaluation criteria and technical performance measures. Prepares assessments and cyber threat profiles of current and planned products based on sophisticated testing, research, and analysis. Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements. Reviews test plans/procedures and ensures they verify/validate the requirements. Develops and maintains analytical procedures to meet changing requirements. Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials.

Our task order provides on-site technical and administrative Security Assessment and Authorization (A&A) and Continuous Monitoring (CM) support for the client enterprise wide.

Perspecta is seeking a talented and motivated Information Systems Security Officer (ISSO) who will ensure that the appropriate operational security posture is maintained for assigned Information Systems (IS) under his/her purview, will work in close collaboration with the Information Systems Security Manager (ISSM), the Information System Owner (ISO), and other IS Stakeholders. The candidate will ensure that cyber security requirements are effectively integrated into the IS operations, management, and documentation. As ISSO, the candidate will provide critical systems, application and infrastructure support to our Customer. The candidate will have the opportunity to work with a Team of ISSOs across multiple technical areas, on various system classification types and categorizations, as well as have the opportunity to collaborate with a diverse group of security professionals. Work in close coordination with all system stakeholders.
Job Responsibilities:
Create and maintain existing information system security documentation, including System Security Plan (SSP), Security Controls Matrix and/or Assessment, and Security Configuration Guide (controlled changes to the system). Develop or modify implementation and design documents describing how security features are implemented. Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions. Track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance. Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures. Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter. Create security policies and maintain existing information system security documentation. Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package. Work with the Information Assurance (IA) team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities. Participate in the change management process, including reviewing Requests for Change (RFC) and assist in the assessment of a potential change's security impact. Conduct daily, weekly and monthly audit review and management of the audit collection system. Continuously review and evaluate vendor, security, and business best practices for implementing a comprehensive audit program. Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, accessing applicability to existing systems, and ensuring closure. Provide direction and guidance to less experienced IA personnel. Remain sensitive to security infractions and assist in security investigations and responses as requested. Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage.
Cloud responsibilities include providing security requirements analysis of cloud architectures and designs. Identifying technical gaps and providing solution recommendations for cloud services acquisition, development, migration, implementation, and monitoring. Explaining cloud security controls/requirements and guidance to the System Owners and System Teams and recommending implementation strategies. Identifying cloud vulnerabilities and recommending mitigation alternatives for POA&M items. Reviewing cloud security test results to identify weaknesses, technical flaws, and vulnerabilities. Reviewing cloud SLAs for compliance to requirements.

Qualifications

BS 8-10, MS 6-8, PhD 3-5


Preferred candidate will have a minimum of ten (10) years of work experience in computer science or cyber security-related field.
Strong background and extensive experience with Risk Management Framework (RMF), ICD 503, NIST SP800-53 and 53a or DCID 6/3; knowledge of current authorization practices, particularly within the Department of Justice. Extensive background with DITSCAP/DIACAP may be substituted in some cases.
Familiarity with the use and operation of such tools such as Tenable's Nessus and/or Security Center, IBM Guardium, HP WebInspect, AppDetect, Network Mapper (NMAP), or like applications
Knowledge and experience with security efforts related to Windows, Linux, Solaris, VMWare, Cisco, Juniper, SQL, and Oracle.
Experience implementing and using various IA tools including vulnerability assessment, patch management, audit collection, audit review, audit management, and end-point protection
Analytical skills, with the capacity to quantify and/or qualify risks as they relate to the enterprise systems
Good communications skills, both in writing and orally


Additional/desirable knowledge/experience:
Cloud technologies such as AWS, Microsoft Azure and Google Cloud; knowledge of current authorization practices, particularly within the Department of Justice


Education and Certifications:
International Information Systems Security Certification Consortium (ISC2) Certified Information systems Security Professional (CISSP/CISM), the Global Information Assurance Certification (GIAC) Information Security Professional (GISP), or the Computing Technology Industry Association (CompTIA) Advanced Security Practitioner (CASP) or other certifications exemplifying DoD 8570.1 IAM level III proficiency

About Perspecta

What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering.

Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to just that, as a partner of choice across the entire sector.

Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.

Email this job to a friendRefer
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed




As a government contractor, Perspecta abides by the following provision
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Industry

  • Information Technology
Posted: 2020-05-23 Expires: 2020-06-22

With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to create innovative solutions. We have the expertise and experience not only to devise solutions, but to execute on them successfully.

Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information Systems Security Officer

Perspecta
Washington, DC 20004

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast