Information System Security Officer (ISSO)

Tria Federal

๐Ÿ“Remote - United States

Summary

Join a talented team at Tria Federal as an Information System Security Officer to deliver digital transformation solutions to Civilian, Defense, and Intelligence agencies. As a key member of the team, you will research, develop, implement, test, and review information security to protect data and prevent unauthorized access.

Requirements

  • US Citizenship and the ability to obtain and maintain Top Secret clearance level are required
  • Working knowledge and experience with CSAM and RMF
  • DHS experience
  • Experience working with system stakeholders to assess and manage system cybersecurity risk
  • Knowledge of the process to obtain a system ATO and requirements to maintain the ATO
  • Ability to synthesize complex IT system information and communicate system status and requirements in written products and verbal presentations
  • Ability to write clear, concise and effective security control implementation statements
  • Familiarity with configuration settings and vulnerability management analysis of infrastructure devices
  • Ability to draft a complete ATO package, to include the SSP
  • Ability to work independently and within given timelines

Responsibilities

  • Conduct initial Security Assessment and obtain ATO, in line with NIST SP 800-37 Rev. 2
  • Maintain the Security Authorization or Authorization to Operate (ATO) of assigned system(s)
  • Continuously update all Security Authorization documentation to maintain assigned system’s ATO or system go live dates
  • Select the baseline security controls for the IT system, using Archer, and tailor where appropriate
  • Document all relevant NIST 800-53 Security Controls for assigned IT systems
  • Perform and document initial and annual risk assessments of all systems
  • Develop and document all supporting Security A&A artifacts (PIA, SP, ITCP, BIA, CMP, MOU, ISA)
  • Assist in the development of the Security Assessment Plan (SAP)
  • Develop Security Assessment Reports (SAR)
  • Produce Security Authorization package for Authorizing Official (AO) signature including Authorization to Operate (ATO)
  • Track the deployment of software to the environment that is not part of the base image
  • Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for assigned IT Systems

Benefits

Top-tier benefits package

This job is filled or no longer available