Information System Security Officer with Security Clearance
Peraton Overview Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxyAs the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and securePeraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local marketsEvery day, our employees do the can't be done, solving the most daunting challenges facing our customersResponsibilities Key
Responsibilities:
o Develop and grow existing and new team members to foster collaboration, career development, and a culture of ownership and accountability.
o Provide ISSO support for USAID Business Service systems across all SDLC stages following NIST 800-37 RMF guidelines.
o Provide continuous monitoring support, support SA&A activities, and maintain FISMA compliance for existing and new systems.
o Develop and maintain System Security Plans (SSPs) and manage system Plan of Action and Milestones (POA&Ms).
o Overlay and integrate the Risk Management Framework process into the USAID SDLC (Agile and Waterfall) framework following NIST 800-37 Guide for Applying the Risk Management Framework to the Federal Information System.
o Perform or support activities defined in the NIST RMF to obtain and maintain FISMA compliance; work with the Inspector General (IG) auditing team in support of FISMA audit and RMF assessment teams in support of the SA&A process.
o Identify continuous monitoring capabilities, security controls and/or documents that have not yet been developed or do not meet the specified (specification) security requirement, and work toward maturing these objectives within a timeframe agreed to with the SO and the CISO.
o Provide input for the implementation statements to the Agency System ISSO and SO regarding overall infrastructure, platform, and application security control implementation, regarding the controls and documents identified in NIST SP 800-53 and NIST SP 800-37.
o Provide input to system ISSOs for application-level SA&A documentation updates, including SSP, SAR, MOU, ISA, Contingency Plan, and Privacy Threat Analysis, and for the annual FISMA inventory and categorization.
o Collaborate with the Agency's SO to determine who has access to the system, types of privileges or access rights, and ensure that system users and support personnel receive the requisite security training.
o Participate in Disaster Recovery testing per Contingency Plans maintained by ISSO and in the annual COOP plan.
o Lead the development of the ISO Management Plan.
o Maintain a mature IT cybersecurity practice across the program which includes:
- Facilitating annual system reviews, including internal and 3rd party Control Assessments- Ensuring compliance with IT Security policy and procedures- Interfacing with IT Security personnel, including Security Control Assessors- Reviewing and update program Security Plans and artifact deliverables- Support new technologies transitioning and provide penetration testing services- Conducting vulnerability scans and recognizing vulnerabilities in security systems - Coordinate, participate and remediate findings from penetration tests Contingent on Contract Award Qualifications Basic Qualification:
o U.
SCitizen; eligible for U.
SSecret Security Clearance.
o Bachelor's degree with 5 to 11 years, or master's degree with 6 to 9 years, or PhD with 3 to 6 years' experience is required.
o Must hold a Certified Information Systems Security Professional (CISSP).
o Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.
o Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraintsPreferred Qualification:
o Active Secret Security Clearance.
o Experience with effective policy, instruction, and development for Federal or DoD Information Security Programso Experience performing Security Control Assessment in compliance with NIST 800 guide seriesTarget Salary Range SCA / Union / Intern Rate or Range EEO An Equal Opportunity Employer including Disability/VeteranOur Values Benefits At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us dailyWe're fully committed to the growth of our employeesFrom fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
o Paid Time-Off and Holidayso Retiremento Life & Disability Insuranceo Career Developmento Tuition Assistance and Student Loan Financingo Paid Parental Leaveo Additional Benefitso Medical, Dental, & Vision Care Recommended Skills Business Continuity Planning Business Continuity Information Technology Infrastructure Libraries Control Objectives For Information And Related Technology (Cobit) Information Technology Infrastructure Library Mitigation Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3q5y26m2bh2pqn5dck', 'ExternalApply-j3q5y26m2bh2pqn5dck'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
Responsibilities:
o Develop and grow existing and new team members to foster collaboration, career development, and a culture of ownership and accountability.
o Provide ISSO support for USAID Business Service systems across all SDLC stages following NIST 800-37 RMF guidelines.
o Provide continuous monitoring support, support SA&A activities, and maintain FISMA compliance for existing and new systems.
o Develop and maintain System Security Plans (SSPs) and manage system Plan of Action and Milestones (POA&Ms).
o Overlay and integrate the Risk Management Framework process into the USAID SDLC (Agile and Waterfall) framework following NIST 800-37 Guide for Applying the Risk Management Framework to the Federal Information System.
o Perform or support activities defined in the NIST RMF to obtain and maintain FISMA compliance; work with the Inspector General (IG) auditing team in support of FISMA audit and RMF assessment teams in support of the SA&A process.
o Identify continuous monitoring capabilities, security controls and/or documents that have not yet been developed or do not meet the specified (specification) security requirement, and work toward maturing these objectives within a timeframe agreed to with the SO and the CISO.
o Provide input for the implementation statements to the Agency System ISSO and SO regarding overall infrastructure, platform, and application security control implementation, regarding the controls and documents identified in NIST SP 800-53 and NIST SP 800-37.
o Provide input to system ISSOs for application-level SA&A documentation updates, including SSP, SAR, MOU, ISA, Contingency Plan, and Privacy Threat Analysis, and for the annual FISMA inventory and categorization.
o Collaborate with the Agency's SO to determine who has access to the system, types of privileges or access rights, and ensure that system users and support personnel receive the requisite security training.
o Participate in Disaster Recovery testing per Contingency Plans maintained by ISSO and in the annual COOP plan.
o Lead the development of the ISO Management Plan.
o Maintain a mature IT cybersecurity practice across the program which includes:
- Facilitating annual system reviews, including internal and 3rd party Control Assessments- Ensuring compliance with IT Security policy and procedures- Interfacing with IT Security personnel, including Security Control Assessors- Reviewing and update program Security Plans and artifact deliverables- Support new technologies transitioning and provide penetration testing services- Conducting vulnerability scans and recognizing vulnerabilities in security systems - Coordinate, participate and remediate findings from penetration tests Contingent on Contract Award Qualifications Basic Qualification:
o U.
SCitizen; eligible for U.
SSecret Security Clearance.
o Bachelor's degree with 5 to 11 years, or master's degree with 6 to 9 years, or PhD with 3 to 6 years' experience is required.
o Must hold a Certified Information Systems Security Professional (CISSP).
o Ability to correlate operational concepts and apply appropriate security measures to mitigate threats or vulnerabilities.
o Experience with risk analysis and assessment determinations incorporating system/mission owner, and unique operational constraintsPreferred Qualification:
o Active Secret Security Clearance.
o Experience with effective policy, instruction, and development for Federal or DoD Information Security Programso Experience performing Security Control Assessment in compliance with NIST 800 guide seriesTarget Salary Range SCA / Union / Intern Rate or Range EEO An Equal Opportunity Employer including Disability/VeteranOur Values Benefits At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us dailyWe're fully committed to the growth of our employeesFrom fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
o Paid Time-Off and Holidayso Retiremento Life & Disability Insuranceo Career Developmento Tuition Assistance and Student Loan Financingo Paid Parental Leaveo Additional Benefitso Medical, Dental, & Vision Care Recommended Skills Business Continuity Planning Business Continuity Information Technology Infrastructure Libraries Control Objectives For Information And Related Technology (Cobit) Information Technology Infrastructure Library Mitigation Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3q5y26m2bh2pqn5dck', 'ExternalApply-j3q5y26m2bh2pqn5dck'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
