DSA is searching for a Senior Information System Officer to join our team with the DOJ. The ideal candidate will report directly to the Project Manager and have strong leadership skills and the ability to lead teams, tasks and projects. The Senior Information System Security Officer (ISSO) will be an integral part of a team responsible for supporting the development and maturation of adherence to security compliance requirements of cloud systems for a large civilian Federal agency. The candidate should have strong technical and data analysis skills. The candidate will serve as a subject matter expert (SME) with regard to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.

Primary Responsibilities:
- Experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines.
- Experience developing, reviewing, assessing, and updating RMF documentation, including System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for new systems.
- Knowledge of NIST SP 800 family of publications, particularly those associated with risk management policy and procedures.
- Vulnerability scanning execution, assessment, and analysis including developing detailed remediation plans.
- Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN]).
- Application/OS security, database security, and network security.
- Ability to assess and weigh current and evolving security threats in an operational environment.
- Applies extensive knowledge of a variety of the IA field's concepts, practices, and procedures to ensure the secure integration and operation of all systems.
- Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.
- Leveraging Agency-provided Governance, Risk, and Compliance (GRC) Tools, such as CSAM or RSA Archer, to track and reconcile findings from the system assessments, audits, and vulnerability scans.
- Responding to government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.
- Managing system POA&Ms, including advising on remediation efforts.
- Working closely with senior agency security officials, system owners, ISSOs, and other stakeholders to advise and implement security solutions.
- Identify opportunities for efficiencies in work process and innovative approaches.
- Participate in team problem solving efforts and offer ideas to solve client issues.
- Conduct relevant research, data analysis, and create reports.

Minimum Qualifications:
- US Citizenship.
- Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) additional years of experience in IA/Information Security will be an acceptable substitute for a Bachelor's degree.
- ISC2 CISSP or equivalent advanced security certification.
- Minimum of seven (7) years of information security-specialized experience, including applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4 and Revision 5).
- Minimum of three (3) years in a leadership capacity.
- Written and oral communication skills including the ability to communicate complex technical issues to senior stakeholders and non-technical staff.
- Knowledge and understanding of integrating the security lifecycle into the system development lifecycle (SDLC).
- Experience working with Federal Information Security Modernization Act (FISMA) requirements, and National Institute of Standards and Technology (NIST) guidelines.
- Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.
- Ability to weigh business risks and enforce appropriate information security measures.
- Strong interpersonal and communications skills.
- Demonstration of ability to solve problems using best practices and systematic approach.

Preferred Tool Experience:
- Tenable Nessus
- Security Content Automation Protocol (SCAP)
- CSAM
- CDM Dashboard

COVID-19 continues to significantly impact our communities, families and employees. With employee health and safety as our top priority, DSA is taking action to address the increased risk and uncertainty COVID variants pose in the workplace. DSA will require all newly hired employees to be fully vaccinated before their start date and show proof of vaccination on the first day of employment along with all I9 required forms. These forms are only to be provided via instruction from HR and with approval from DSA management for any access to customer facility.

Salary and Benefits include but not limited to:
- The hours for this role are Full-time, Regular - Start and End times are dependent on customer requirements
- Leave benefits include Paid holidays, Vacation, Sick and Bereavement
- Retirement benefits include 401K with 20% match to employee contribution, and Employee Stock Ownership Shares provided by DSA.
- Insurance benefits include customizable Medical, Dental, Vision, Health Savings, Dependent Care, and Domestic Partner Coverage
- Paid short term and long term disability, life insurance, up to 6 weeks of paid maternity leave to care for a newborn (and additional unpaid time through the FMLA), fertility assistance, and adoption assistance.
- Critical Illness, Accident and Pet Insurance
- Identity Theft Protection
- Pre-Paid Legal Assistance
- Employee Assistance Plan
- Prescription Drug Discount Membership
- Wellness Program / Healthy lifestyle rewards
- Tuition assistance and Technical 100% Paid Training and Family Tuition Assistance.