ISSO - LLJP00001488
Softworld Inc
Lexington MA 02421 US
Job Title: ISSO
Are you the right applicant for this opportunity Find out by reading through the role overview below.
Job Location: Lexington MA 02420
Onsite Requirements:
Assessments and systems authorizations
POA&M's
Requires a Top-Secret clearance
Job Description:
Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stakeholders. Recognize a possible security violation and take appropriate action to report the incident, as required.
Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk
Assessment Report, and Continuous Monitoring Strategy.
Ensure systems are operated, maintained, and disposed of in accordance with organizational security policies and procedures.
Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
Lead and align information technology (IT) security priorities with the security strategy.
Prepare for and participate in periodic organization compliance assessments. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Education and Certifications:
BS degree is preferred but not required
Security Plus is the minimum 8570 certification requirement.
Qualification
Assessment
Must Have
Admin
System Auditing
4 years
Certification
Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
Yes
Experience
Currently holds a Secret Clearance (OR a higher clearance)
Yes
Incident Response
4 years
Regulatory & Compliance
4 years
Government Policy/Regulations
STIGs/SCAP
4 years
Security
Assessing Security Controls (CS105.16)
4 years
Assessment and Authorization
4 years
Authorizing Systems (CS106.16)
4 years
Categorization of the System (CS102.16)
4 years
Continuous Monitoring (CS200.16)
4 years
Implementation of Controls (CS104.16)
4 years
Monitoring Security Controls (CS107.16)
4 years
NIST 800-53
4 years
NIST SP 800-37
4 years
Risk Management Framework (RMF)
4 years
Selecting Security Controls (CS103.16)
4 years
Nice to Have
Degree Level
Bachelor's Degree
Yes
Security
HBSS
0 years
NIST 800-171
0 years
** 3rd party and subcontract staffing agencies are not eligible for partnership on this position. 3rd party subcontractors need not apply.
This position requires candidates to be eligible to work in the United States, directly for an employer, without sponsorship now or anytime in the future.
This client is a US Federal Government contractor and is legally required to hire US Citizens. US Citizens will only be considered for this role.
Due to the nature of the work, a United States Government Clearance is required to be eligible for the position. **
Are you the right applicant for this opportunity Find out by reading through the role overview below.
Job Location: Lexington MA 02420
Onsite Requirements:
Assessments and systems authorizations
POA&M's
Requires a Top-Secret clearance
Job Description:
Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stakeholders. Recognize a possible security violation and take appropriate action to report the incident, as required.
Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk
Assessment Report, and Continuous Monitoring Strategy.
Ensure systems are operated, maintained, and disposed of in accordance with organizational security policies and procedures.
Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
Lead and align information technology (IT) security priorities with the security strategy.
Prepare for and participate in periodic organization compliance assessments. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Education and Certifications:
BS degree is preferred but not required
Security Plus is the minimum 8570 certification requirement.
Qualification
Assessment
Must Have
Admin
System Auditing
4 years
Certification
Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
Yes
Experience
Currently holds a Secret Clearance (OR a higher clearance)
Yes
Incident Response
4 years
Regulatory & Compliance
4 years
Government Policy/Regulations
STIGs/SCAP
4 years
Security
Assessing Security Controls (CS105.16)
4 years
Assessment and Authorization
4 years
Authorizing Systems (CS106.16)
4 years
Categorization of the System (CS102.16)
4 years
Continuous Monitoring (CS200.16)
4 years
Implementation of Controls (CS104.16)
4 years
Monitoring Security Controls (CS107.16)
4 years
NIST 800-53
4 years
NIST SP 800-37
4 years
Risk Management Framework (RMF)
4 years
Selecting Security Controls (CS103.16)
4 years
Nice to Have
Degree Level
Bachelor's Degree
Yes
Security
HBSS
0 years
NIST 800-171
0 years
** 3rd party and subcontract staffing agencies are not eligible for partnership on this position. 3rd party subcontractors need not apply.
This position requires candidates to be eligible to work in the United States, directly for an employer, without sponsorship now or anytime in the future.
This client is a US Federal Government contractor and is legally required to hire US Citizens. US Citizens will only be considered for this role.
Due to the nature of the work, a United States Government Clearance is required to be eligible for the position. **