Overview
Information System Security Officer Jobs in Washington, DC at Coalfire Federal
Title: Information System Security Officer
Company: Coalfire Federal
Location: Washington, DC
Coalfire Federal is a market-leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal, along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years, has offices throughout the United States and Europe, and is committed to making the world a safer place by solving our clients’ toughest security challenges.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
We are on the lookout for Information System Security Officers (ISSO) to support our Federal team in the Northern Virginia / DC Metro area.
Job Summary
As an ISSO, you’ll serve as the principal advisor to the information system owner (SO), ISSM, and CISO on all matters (technical and otherwise) involving the security of assigned information systems (on-prem, vendor, and cloud-based).
Location
Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site, a position’s location and travel may vary based on client needs, and so local candidates may be preferred.
What you’ll do
Maintain detailed knowledge and expertise required to manage the security aspects of assigned information systems.
Ensure that the appropriate operational cybersecurity posture is maintained for assigned systems to provide confidentiality, integrity, and availability of information systems.
For each assigned system, the ISSO is responsible for completing and keeping up to date security documentation such as the SIA, SSP, POA&M, Configuration Management Plan, Vulnerability Reports, etc.
Participate in planning and management of all phases of the Risk Management Framework (RMF) Security Assessment and Authorization (SAA) process.
Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
In coordination with the SO team, develop standard operating procedures in accordance with security control requirements.
Perform continuous monitoring of implemented security controls to ensure that they are implemented correctly, operating as intended and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems. Conduct continuous monitoring activities, to include:
Maintaining the current ATO and conducting periodic system self-assessments, periodic scans, and log reviews
Ensuring proper sanitization of media prior to disposal
Work with technical teams to mitigate security control deficiencies and scan vulnerabilities for assigned IT systems.
Assess the cybersecurity impact of changes to assigned IT systems and document findings in a security impact analysis (SIA) report.
Conduct self-assessments of security controls, identify weaknesses, and track remediation activities in the POA&M.
Manage the plan of action and milestone (POA&M) process for designated IT systems to provi…