Overview
Information System Security Officer/Isso-Top SECRET Jobs in Washington, District of Columbia, USA at Hooilinafoundation
Title: Information System Security Officer/Isso-Top SECRET
Company: Hooilinafoundation
Location: Washington, District of Columbia, USA
Type: Full Time
Category: IT/Tech, Security
Position: Information System Security Officer (ISSO)-TOP SECRET
Aloha! Are you passionate about making a difference? Join us in our vibrant Native Hawaiian Organization, a proud non-profit dedicated to uplifting Native Hawaiian communities. As part of adynamicnetwork of subsidiaries and partners in the Gov Con sector, we offerexcitingopportunities across various agencies. If you’re seekinga fulfilling careerthat truly gives back and supports a meaningful cause, we’d love to connect with you!
Let’s work together to create positive change!
Hooilina is seeking a talented Information System Security Officer with at least 3 years of experience and a passion for thinking big, taking action, and delivering exceptional results. You are outcome-driven, quality-obsessed, and relentlessly focused oninnovationas a value-driver for world-class delivery,client satisfaction, and performance. You’re looking to grow as a professional in ateam-orientedenvironment where you can put your fingerprint on mission-critical projects impacting the citizens we serve.
THIS POSITION REQUIRES AN ACTIVE TOP SECRET CLEARANCE
Role Overview:The Information Systems Security Officer (ISSO) researches, develops, implements, tests, and reviews an organization’s information security to protect information and prevent unauthorized access. Emphasis on general knowledge of infrastructure devices (i.e., OSI Model, firewalls, routers, switches).
Responsibilities:
Conduct initial Security Assessment and obtain ATO, in line with NIST SP 800-37 Rev. 2.
Maintain the Security Authorization or Authorization to Operate (ATO) of assigned system(s).
Continuously update all Security Authorization documentation to maintain assigned system’s ATO or system go-live dates.
Select the baseline security controls for the IT system, using CSAM, and tailor where appropriate.
Document all relevant NIST 800-53 Security Controls for assigned IT systems in the System Security Plan (SSP).
Perform and document initial and annual risk self-assessments of all systems assigned.
Develop and document all supporting Security A&A artifacts (i.e., PTA, SSP, ITCP, BIA, CMP, MOU, ISA).
Produce Security Authorization package for Authorizing Official (AO) signature including Authorization to Operate (ATO).
Track the deployment of software to the environment that is not part of the base image.
Conduct security impact analyses of proposed changes, provide recommendations.
Ability to analyze configuration settings, implementation of STIGs, and conducting manual checklists.
Generate Plan of Actions & Milestones (POA&Ms), with meaningful milestones, for each non-compliant control for assigned IT Systems.
Required Skills & Experience:
3-5 years Cybersecurity experience.
Working knowledge and experience with CSAM and the NIST RMF.
Knowledge of the process to obtain a system ATO and requirements to maintain the ATO.
Experience working with system stakeholders to assess and manage system cybersecurity risk.
Ability to synthesize complex IT system information and communicate system status and requirements in written products and verbal presentations.
Ability to write clear, concise, and effective security control implementation statements.
Familiarity with configuration settings and vulnerability management analysis of infrastructure devices.
Ability to draft a complete ATO package, to include the SSP.
Ability to work independently and within given timelines.
Professional Certificati…
