Information System Security Officer (ISSO) - Active TS/SCI Security Clearance Required
About the Organization Now is a great time to join Redhorse Corporation. Redhorse specializes in developing and implementing creative strategies and solutions with private, state, and federal customers in the areas of cultural and environmental resources services, climate and energy change, information technology, and intelligence services. We are hiring creative, motivated, and talented people with a passion for doing what's right, what's smart, and what works.Position Description Redhorse is seeking an Information System Security Officer (ISSO) to support the 704th MI BDE at Fort Meade, MD. The successful candidate will have experience working as an ISSO on large Department of Defense contracts and leading a team of other cyber security professionals in support of project and client goals and objectives.
Primary Duties and Responsibilities for this position include:
- Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25-2, DA 25-2-14, and the NIST SP 800-53 security controls when the organizationally-defined personnel includes the ISSO.
- Actively manages the organization’s eMASS records which includes but is not limited to:
- Validates security controls including associated artifacts · Assesses security scan results and STIGs as required.
- Performs POA&M updates, tracking, and resolution.
- Leads the continuous monitoring activities of the organization.
- Collaborates with the O-ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operate (ATO) on all applicable DoD/IC networks.
- Maintain up-to-date status on all assigned systems and communicate status to the Government leads.
- Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings.
- Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data.
- Provides guidance in the creation and maintenance of Standard Operating Procedures (SOPs); Tactics, Techniques, and Procedures (TTPs); and other similar documentation.
Minimum Basic Requirements for Skills, Experience, and Credentials include:
- Master's degree in an area of Science, Technology, Engineering or Mathematics with at least 10 years’ experience as a cybersecurity professional OR a Bachelor’s degree in an area of Science, Technology, Engineering or Mathematics with at least 12 years’ experience as a cybersecurity professional .
- Active TS security clearance and eligible for SCI and NATO read-on prior to starting work.
- Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work - DoD 8140 / 8570.01-m requirements.
- 3+ years’ experience validating system security controls.
- 3+ years’ experience with vulnerability management .
- 3+ years’ experience with DISA Security Technical Implementation Guides (STIGs), DISA Security Requirements Guide (SRG), and vendor-specific security guides.
- 1+ years’ experience with RMF and eMASS.
- 1+ years’ experience with POA&M tracking and resolution.
- 1+ years’ experience performing the continuous monitoring of system security controls.