ISSO - Secret - Arlington, VA - multiple roles

Location: Arlington, VA
Date Posted: 06-20-2017
A key client of ours is the Prime on a new 5-year Cyber Program supporting the DHS. All positions will be out of company headquarters on Wilson Blvd in Clarendon, VA.
We have a need for several ISSO professionals (ranging from mid-level to senior).
These are full-time W2 positions as an employee with full benefits (no 3rd parties or 1099s).
The ability to get a Secret clearance is required (if you already have a clearance, that is great, and we can hold higher clearances, up to TS/SSBI).

[The description below is for a Lead (senior) ISSO role, but mid-level and junior roles also exist]

About the Role:

As Lead ISSO, you will provide oversight into all ISSO as a Service responsibilities. ISSOs perform all duties and responsibilities in accordance with DHS 4300A, DHS ISSO Guide, and NIST guidance. The ISSO as a Service task will support both Sensitive But Unclassified (SBU)/For Official Use Only (FOUO).


Responsibilities as an ISSO include, but are not limited to:
  • Provide technical oversight for all USCIS systems, and remediate and provide recommendations on enterprise issues such as patch management and vulnerability management.
  • Conduct research and analysis on abnormalities and provide recommendations.
  • Assist ISSOs with issues and concerns related to their assigned systems.
  • Support all Security Authorization Process, Security Control Assessment and Ongoing Authorization activities as directed by the Federal Government for assigned systems.
  • Ensure all FISMA security controls and requirements are met at inception and throughout system development
  • Complete, maintain and/or support the completion and updates of all FISMA required documentation
  • Develop and complete all activities and deliverables contained in the USCIS SELC and DHS Sensitive Systems Policy Directive 4300A and DHS AD 102.01.
  • Conduct annual assessments and CP testing as required by DHS, USCIS and ISD
  • Coordinate and manage all OA activities for the system, including:
    • Trigger Accountability Log (TRAL)
    • System Enrollment Form (SERF)
    • Review of monthly RMB brief and system associated slides
    • System Accounts Review Log
    • System Audit Log Review Log
    • Control Allocation Table (CAT)
  • Ensure that risk analyses are completed to determine cost-effective and essential safeguards
  • Provide input to appropriate IT security personnel for preparation of reports to higher authorities concerning information systems
  • Ensure that weaknesses are identified, documented, addressed and remediated through the process of POA&Ms and Waivers
  • Review, analyze and document scan results and ensure immediate remediation of critical and high vulnerabilities via Emergency CRs
  • Provide code review and approval for any code developed for the system prior to deployment into production
  • Ensure compliance with all legal requirements concerning the use of commercial proprietary software, such as respecting copyrights and obtaining site licenses
  • Provide Security Incident Management and Security Architecture assistance, including but not limited to development and maintenance of technical and administrative processes, methods, procedures and solutions, as required
  • Ensure changes do not detract from the current security configuration or state of the system/environment and ensure all changes maintain or improve overall security
  • Ensure maintenance of system components is implemented via the Change, Configuration, and Release Management (CCRM) processes and procedures
  • Perform tasks to support DHS ICCB CR requirements for all Client's information systems, including review of DHS CR packages, ICCB CR forms, and CR test and backout plans as well as submit DHS ICCB security questionnaires and required security package for applicable CRs
  • Support the development and documentation of contingency plans, disaster recovery (DR) plans, and Continuity of Operations (COOP) plans.
  • Participate in COOP and failover testing for Client's systems and operations

Required Qualifications:

  • 15 years' experience or a master's with 8+ years of specialized experience in one of the below positions: Information Systems Security Officer, Information Systems Security Engineer, Information Systems Security Auditor or Information Systems Security Manager is required
  • 2+ years leading teams of 10+ ISSOs
  • Certifications: CISSP and PMP 
  • U.S. citizenship required
  • Must be able to attain or maintain a SECRET level clearance.
  • Experience with at least one of the following: Splunk, Tenable Nessus, WebInspect and DBProtection vulnerability management tools

Desired Qualifications:

  • DHS experience
  • Previous experience with XACTA
  • CISSP-ISSEP or ISSMP, Red Hat Certified Security Specialist (RHCSS), Oracle Solaris 10 Security Admin, Amazon Web Services Certification Program Associate, PMP
  • Active secret clearance
Please send a current resume indicating salary requirements.
These are full time positions with full benefits as an employee (no 3rd parties or C2C please).
Please also provide a good daytime phone number that I may reach you on.
