ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!
We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more!
We are currently looking for an ISSR with the following skill set for a position in DC:
- Ensure that ISs are operated, maintained, and disposed of in accordance with the internal security policies and practices outlined in the approved Security Assessment and Authorization (SAA) package
- Manage the SAA process for new ISs and legacy ISs migrating into the GRC application
- Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type
- Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary
- Ensure that new entities are created in the GRC application with the security categorization of ISs.
- Initiate, coordinate, and recommend to the Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an IS with any non or joint-use IS.
- Perform an independent review of the System Security Plan (SSP) and make approval decisions.
- Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the Authorizing Official.
- Schedule security control assessments in coordination with the system owner.
- Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the Authorizing Official for a security ATO decision.
- Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number.
- Advise the Authorizing Official of IS vulnerabilities and residual risks.
- Ensure that all POA&M actions are completed and tested.
- Coordinate initiation of an event-driven reauthorization with the Authorizing Official.
- Ensure the removal and retirement of ISs being decommissioned, in coordination with the SO, ISSO, and ISSR.
**Top Secret clearance is required