Information System Security Officer

Job ID: 2206625
Location: ALEXANDRIA, VA, United States
Date Posted: Apr 29, 2022
Category: Information Technology
Subcategory: IT Security Administrator
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: No

Job Description

Description

SAIC is looking for an Information System Security Officer (ISSO) for one or more major federal IT information systems as a member of the customer directorate’s Security Team. Overall, he/she will be responsible for utilizing the NIST Risk Management Framework (RMF) and related Continuous Monitoring activities to maximize the security of their assigned system(s) and ensure compliance with Federal Information Security Management Act (FISMA) requirements and DHS policies and processes.

Duties to be performed:

  • Conduct continuous monitoring and self-inspections of computer systems to ensure security compliance with the aforementioned guidance and DHS/CBP policy directives, and proactively report progress to management, make recommendations for security posture improvements, and ensure systems are ready for audits.
  • Review and interpret security vulnerability scans, communicate their contents to management and technical stakeholders, and push them to remediation.
  • Proactively report security status and concerns to management, and make recommendations as appropriate.
  • Participate in and support directorate responses for ongoing information system audits.
  • Develop and update standard government security documentation such as System Security Plans, Contingency Plans, Interconnection Security Agreements, Risk Acceptances/Waivers, Privacy Threshold Analyses, Privacy Impact Assessments, and other ad-hoc documentation as needed.
  • Review and approve/deny relevant system Change Requests as needed.
  • Ensure configuration management is appropriate for all Information Systems (IS) software and hardware, in accordance with DoD STIGs (Security Technical Implementation Guides) and industry best practices.
  • Execute system audit log reviews in accordance with established policy requirements using Security Information and Event Management (SIEM) tools such as Splunk, Kibana, etc.
  • Assist in the creation of new policies/procedures as needed for directorate systems.
  • Support ad-hoc data call and reporting requirements initiated by DHS CIO, CISA and other headquarters offices.

Qualifications

Required Skills and Experience:

  • BS and 9+ years of overall IT security experience.
  • Ability to obtain and maintain a DHS Public Trust.
  • 6+ years of experience as a primary ISSO or security compliance lead for an IT system.
  • CISSP or CCSP certification.
  • Creating, tracking, and driving to completion Plans of Action and Milestones (POA&Ms) for resolving security control deficiencies.
  • Providing system-level security auditing support, including interacting directly with auditors and providing artifacts as requested.
  • Executing the completion of a new or renewed system Certification and Accreditation (C&A) package from start to finish.
  • Effectively communicating security vulnerabilities with technical POCs and management.
  • Possesses significant security experience with systems primarily supported by Linux OS (on premises) or Amazon Web Services (AWS).
  • Possesses significant experience and knowledge of how to interpret details of vulnerability scans and effectively communicate results.
  • Understands the differences between types of vulnerability scans.
  • Demonstrates a knowledge of cloud systems/types and related security issues.
  • Possesses significant experience writing or updating system Security Plans.
  • Demonstrates the ability to communicate effectively verbally and in writing.

Preferred/Desired Skills and Experience:

  • Utilizes Splunk or other SIEM tools.
  • Creating, tracking, and updating security policies and/or procedures.
  • Creating, tracking, and updating Interconnection Security Agreements (ISAs), risk acceptance memorandums, and policy waiver requests.
  • Demonstrates the ability to lead annual Contingency Plan Tests in either tabletop form or as actual fail-over tests.
  • Supporting the federal government in an IT environment.
  • Security experience with cloud systems hosted by Amazon Web Services (AWS).
  • Possesses the ability to lead an IT security team.
  • Experience with DoD STIG system configuration standards.

 



Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

Overview

SAIC® is a premier Fortune 500® technology integrator driving our nation's technology transformation. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes secure high-end solutions in engineering, digital, artificial intelligence, and mission solutions. Using our expertise and understanding of existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions that are critical to achieving our customers' missions.

We are more than 26,500 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer, fostering a respectful work culture based on diversity, equity, and inclusion that values all contributors. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.1 billion. For more information, visit saic.com.
