HN Jobs

Aretec, Inc| Information System Security Officer (ISSO)| Washington DC Area | $80-135k Salary + benefits | Full-time |ONSITE Job Requirements: This position requires U.S. citizenship due to federal contractual obligations. Bachelors in Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines. 4+ years of experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government. Knowledge of Federal government C&A practices and policies, particularly ICS 503, FISMA, NISP SP 800-53, and DHS 4300. Experience with information assurance tools preferred. Experience vulnerability assessment scanning tools and reporting. Working knowledge of Ongoing Authorization with in the NIST Framework Job Description: Use Federal Certification and Accreditation (C&A) processes to research, verify and document information security controls in order for the "systems" to be accredited. Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon NIST Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information. Initiate, coordinate and track the patching and remediation of security weaknesses as they are discovered, via a "Plan of Actions and Milestones" (POAM). Report on security status and security incidents. Ensure event logs are reviewed at least daily or weekly. Conduct Security Authorization document reviews. Create and compile Authorization packages to include: Designation Letters, Security Plans, Contingency Plans, SOPs. Conduct meeting with Government leadership and briefing on the State of Security for the systems in their purview. Create/maintain Work Break Down structures in MS Project for each System. Ensure the Configuration Management Database (CMDB) is continuously updated. Coordinate with the appropriate operational group to accurately update the System Design Document for each IT system. Assist in maintaining all configurations, architecture, installed software, accounts, data flows, ports, protocols, and other relevant data for each IT System and capture in design documents in MS Visio. Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc. for each IT system. Work with auditors to identify Key Controls which must be assessed on a recurring annual basis. Salary is commensurate with experience. Security certifications required (CISSP, CEH, Security+, CAP, GIAC, etc.). If you have a passion for cyber security and want to learn more about this position, please visit our career website http://www.aretecinc.com/careers/ or e-mail your resume to careers@aretecinc.com