Senior Information Systems Security OfficerTelophase Corporation • Lanham, Maryland, United States
Senior Information Systems Security Officer
Telophase Corporation
- Lanham, Maryland, United States
- Lanham, Maryland, United States
About
The ISSO shall ensure the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) in preparation for NIST RMF and based independent security assessments and provide strong leadership in the development of a cyber security validation program for mission systems.
Responsibilities:
- Support adoption and implementation of NIST-based standards across the organization in support of multiple mission system authorization boundaries including Cloud-based workloads
- Support all steps of NIST RMF with strong background in NIST SP Revision 5 and 800-53A
- Participate in the selection of the organization's common security controls and in determining their suitability for use in the information system
- Review the security and privacy controls regarding their adequacy in protecting the planned or operational information system
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization(A&A) packages, and support system authorization activities
- Implement and enforcing organizational information systems security policies, standards, and methodologies
- Evaluate security solutions to ensure they meet security requirements for processing unclassified/classified information; perform vulnerability/risk assessment analysis to support certification and accreditation. Red Team operations background such as penetration testing is bonus.
- Manage changes to the information system and assess the security impact of those changes.
- Education: Bachelor's or higher in computer science/ technical discipline preferred or equivalent work experience
- Years of related experience: 8+ years of experience is required as an ISSO/ ISSM including experience implementing, and enforcing information systems security policies, standards, and methodologies; creating security plans, policies & procedures, SSPs, and Risk Assessment Reports
- Technical Skills: FISMA, FedRAMP, NIST RMF (Risk Management Framework), NIST Revision 5 controls, and strong understanding Security Control Assessment (SCA) processes. Good understanding of Windows and Linux operating systems and architecture.
- Good knowledge of public cloud providers such as Azure, AWS, and GCP highly desirable
- Experience with applications for Amazon AWS, Microsoft Azure, GCP or other cloud platforms for large-scale, multi-tenant, SaaS systems highly desirable
- Experience with security assessments of AWS/Azure/GCP environments preferred
- Experience with AWS/Azure/GCP service offerings preferred
- Skills and ideally certifications in public cloud providers (AWS, Azure, GCP) highly desirable
- Cloud Security experience (AWS/Azure/GCP), including both IaaS and PaaS models preferred
- Hands-on experience with public cloud services (AWS, Azure, GCP) preferred
- Hands-on experience in PaaS, SaaS, CI/CD, Docker, Jenkins, Puppet Chef, Ansible, Kubernetes preferred
- Strong understanding of and experience in AWS / Azure / GCP cloud architecture
- Experience developing applications for Microsoft Azure, Amazon AWS, Google or other cloud platforms for large-scale, multi-tenant, SaaS systems a bonus
- Clearance: Must have or be able to attain Public Trust or higher
Certifications: Cybersecurity certifications, such as CISSP, CISA, CISM, CISA, CEH, GCIH, GCIA, GCFA, GCFE, CDMP, OSCP, OSCE, CDP-DG or similar
Work Type:
Onsite location on a regular basis with some hybrid telework options.
Note for staffing agencies: We are not accepting unsolicited resumes for this position. All inquiries must go through the Telophase team
As an Equal Opportunity Employer, it is Telophase's policy to recruit, hire, and provide opportunities for advancement in all job classifications without regard to race, color, religion, sex, national origin, age, citizenship, marital status, sexual preference, parental status, or disability.
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.