Dark Wolf Solutions is hiring a
Information Systems Security Officer, Lead in Worldwide

Summary

Dark Wolf Solutions seeks an experienced professional for the role of Lead ISSO, responsible for managing information security programs and ensuring compliance. The position is primarily remote but requires candidates to reside within 50 miles of a Dark Wolf Office location.

Requirements

• Bachelor's degree in information security, computer science, or a related field
• Professional certifications such as CISSP, CISM, or other relevant certifications highly desired
• Minimum of 7-10 years of progressive experience in information security, with a significant focus on managing and implementing information security programs
• Experience supporting the preparation and maintenance of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, and other necessary artifacts
• Familiarity with NIST guidelines, industry best practices, and agency-specific requirements related to the ATO process
• Experience performing security assessments, vulnerability assessments, and penetration testing within a complex enterprise environment
• Familiarity with security control frameworks and standards, such as NIST SP 800-53, FIPS 199, and NIST SP 800-37
• Knowledge of ATO processes, NIST guidelines, and industry best practices related to system security plans, security assessments, and ATO package preparation
• Extensive knowledge of cybersecurity frameworks, regulations, and standards, such as NIST, FISMA, and CISA guidance, with direct experience in implementing these requirements
• Strong expertise in conducting risk assessments, vulnerability management, incident response, and security audits within a large enterprise or governmental environment
• Proven experience in managing and configuring security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM tools, and other security solutions
• Excellent leadership and interpersonal skills, with the ability to effectively communicate and collaborate with stakeholders at all levels of the organization
• Strong analytical and problem-solving capabilities, with the ability to assess complex cybersecurity challenges and develop appropriate mitigation strategies
• In-depth knowledge of emerging cybersecurity trends, threats, and evolving technologies
• Up-to-date understanding of the current regulatory and compliance landscape in the cybersecurity field
• US citizenship and ability to obtain and maintain a DHS Suitability/Entry on Duty (EOD)

Responsibilities

• Leading the preparation of ATO package documentation, including security assessment reports, system security plans, risk assessment reports, and other necessary artifacts
• Coordinating with stakeholders to ensure ATO package documentation aligns with industry best practices, NIST guidelines, and agency-specific requirements
• Assisting in conducting internal reviews and assessments to ensure ATO package documentation accurately reflects the current security posture and controls in place
• Acting as a liaison with the Authorizing Official (AO) and other stakeholders during the ATO process, addressing any security concerns, coordinating assessments, and providing necessary documentation and supporting evidence
• Developing and implementing comprehensive policies, procedures, and guidelines to support CISA's information security program, aligned with applicable laws, regulations, and cybersecurity standards
• Leading the development and execution of risk management processes, including risk assessments, vulnerability management, and threat modeling, to identify and address potential cybersecurity risks and vulnerabilities
• Overseeing the implementation and maintenance of secure configurations for all information systems and networks, working closely with system administrators, network engineers, and other teams
• Conducting security assessments and audits of technology infrastructure, systems, and applications to ensure compliance with relevant regulations, standards, and guidelines
• Directing incident response efforts, overseeing the identification, containment, investigation, and resolution of security incidents, and ensuring compliance with incident response protocols
• Collaborating with stakeholders to develop and deliver cybersecurity awareness and training programs, ensuring employees understand their roles and responsibilities in maintaining a secure environment
• Managing relationships with internal and external auditors, ensuring timely completion of security audits and driving remediation efforts to meet compliance requirements

Preferred Qualifications

• JIRA experience
• MS SQL

Benefits

The estimated salary for Lead candidates is expected to be $140,000.00 - $160,000.00, commensurate on experience