Issm Cissp

Description

• Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems.
• Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance
• Use workflows to develop security artifacts
• Document, organize and implement security control requirements
• Identify current and new risks
• Prepare vulnerability test plans and coordinate the testing and result procedures
• Assess customer based solutions and provide recommendations for any improvements to current security posture
• Ability to review and write security related policies and procedures and influence policy
• Coordinate and communicate with multiple ISSOs to ensure compliance with regulations and internal policies.
• Maintain scheduling of IA related events, meetings, briefings and represent the Cybersecurity team as needed.
• Support, communicate, reinforce and defend the cybersecurity mission, values and culture of the organization.
• Support and coordinate Change and Control Boards and document meeting minutes and subsequent tasks. Provide feedback and approve all changes from the Cybersecurity perspective.
• Assist with management of Authorization and Assessment processes for multiple authorities to operate across multiple sites.
• Assist with the evaluation of changes or additions to the IS within the facility, determine security relevance, and make recommendations for approval or denial to these changes.
• Collaborate with Policy/Compliance Division to ensure that all IA procedures and processes are followed according to policy/protocol
• Candidate must be 8570.1M / 8140 compliant with certifications, preferably CISSP or Associate and RHCSA to correspond to an IA Management Level III designation.

• Must have 5+ years of work experience
• Must have past experience with, and demonstrate the skills and capabilities to successfully execute the duties and responsibilities of this position
• Must demonstrate a general commitment to excellence, a dedication to producing quality work results, and an ability to learn and apply new skills.
• Must be a flexible, positive and energetic team player; be able to work in a fast paced environment; adapt to changes tasking; and be able to work with minimal supervision
• Must be courteous and professional when interacting with colleagues and customers, demonstrate a solid ability to identify and solve problems, plan and prioritize personal tasking, effectively communicate verbally and in writing, and be able to work successfully in a team environment

• Experience leading a team of various skill levels.
• Minimum of 8 years of experience as an ISSO supporting major federal information systems/applications
• Knowledge with auditing security controls and financial processes
• Superior writing, communication and critical analysis skills
• Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures
• ISC2 Certified Authorization Professional (CAP) or ISC2 Certified Cloud Security Professional (CCSP) certification or CompTIA Certified Advanced Security Practitioner (CASP+)