logo

View all jobs

Information Systems Security Officer

Washington, DC
ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!  

We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more! 

We are currently looking for an ISSO in DC with the following skill set:

 
Primary Responsibilities:
  • Serve as an Information Systems Security Officer for the organization and lead security officer for systems as assigned by the CISO/ISSM
  • Provide day-to-day system security operations to ensure that operational security is maintained for various Information Systems
  • Perform security activities to include:
    • Development and assessment of security architectures.
    • Work with ISSM/CISO to determine security control alternatives
    • Conduct Security controls and testing
    • Conduct security /supply chain /FOCI assessment of new software and tools
    • Conduct data transfer operations
    • Review network scans to determine abnormalities
    • Prepare technical documentation including the Systems Security Plan (SSP), Security Assessment Report (SAR) Risk Assessment Report (RAR), Plan of Actions and Milestones (POA&M) 
  • Create and Maintain Certification and Authorization (C&A)/ Assessment and Authorization (A&A) documentation: Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedures, Contingency Plan, Incident Response Plan, and Configuration Management Plans
  • Assist with assessing Information Assurance long-term needs and acquisition requirements to accomplish mission objectives.
  • Implement information security standards and procedures
  • Provide configuration management support for reviewing, coordinating, implementing, and enforcing information systems security changes to the infrastructure
  • Evaluate security solutions to ensure they meet security requirements for processing classified information
  • Conduct research and testing to ensure existing and evolving products/services meet current Office of the Director of National Intelligence (ODNI), DoD, and local authority’s security requirements as appropriate
  • Advise management and stakeholders on security-related matters
  • Ensure the operational security posture of their systems, they are responsible for the daily security operation of their assigned systems and they advise their partners on specific IT and security policy procedures
  • Ensure that management, operational, and technical controls for securing Office are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal
  • Manage changes to system and assess the security impact of those changes
  • Prepare and review documentation to include System Security Plans, Risk Assessment Reports, Assessment and Authorization packages, and System Requirements Traceability Matrices
  • Ensure a strong customer focus
  • Respond to security incidents, and report incidents to the appropriate authorities
  • Performed equipment decommissioning and sanitization
  • Facilitate Personal Electronic Devices (PED) into and out of the SCIF as required.  Assure that all PEDs have been disabled prior to SCIF entry
  • Review existing legacy and info-share repositories and update as needed
 
Requirements:
  • Active Top Secret Clearance
  • Possess 10 years of professional experience with experience in the areas of information assurance, accreditation, and authorization (A&A) of systems (formerly referred to as certification and authorization – C&A)
  • Possess a bachelor’s degree in a relevant technical field
  • Possess one of the following certifications: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, CISA, GCED, GCIH
  • Experience proactively provided system security support IAW ICD 503 / Risk management Framework (RMF)
  • Knowledge of the DoD, IC, or national level system security initiatives and classified programs and infrastructures
  • Possess effective interpersonal and presentation skills as he/she operates in a client-facing role
  • Possess experience with NIST 800 publications standards
  • Possess knowledge of how to use the NVD and NIAP portals to review software or hardware vulnerabilities
  • Knowledge of ACAS Nessus/Tenable vulnerability and compliance scans
  • Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures
  • Knowledge of cloud architecture
  • Knowledge of virtualization
More Openings
Software Tester
Data Manager
Share This Job
Powered by