NetCentric Technology is seeking an Information System Security Officer (ISSO) to support our Cybersecurity Support Services (CSSS) contract with the Defense Manpower Data Center (DMDC), ensuring the confidentiality, integrity, and availability of systems, applications, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of cybersecurity programs, policies, procedures, and tools.
Provide Risk Management Framework (RMF) support and expertise to DHRA Product Owners ensuring they maintain an appropriate operational cybersecurity posture
Use your expertise to analyze and ensure the security posture of systems hosted in cloud and on premises environments
Maintain documentation for Risk Management Framework Assessment and Authorization (A&A) in accordance with DoD and DHRA policies and procedures
Assess the impacts on system modifications and technological advances
Provide system-level support to maintain and improve compliance by validating supporting artifacts and evidence
Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades
Review and validate Security Technical Implementation Guide (STIG) and Security Requirement Guide (SRG) checklists with support from system administrators
Ensure appropriate security controls and measures are in place to safeguard systems, applications, networks, and data
Maintain POA&M vulnerabilities and evaluate cost benefit, economic and risk analyses
Coordinate, schedule, and supporting meetings with system personnel in order to maintain timely submissions of assess and authorize processes
Anticipate cybersecurity risks to the organization and provide recommendations to reduce and/or mitigate risk to the organization
Advises functional expert management staff on cybersecurity issues pertaining to specific operating systems, hardware, technology, and methodology
Develops policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks and data; designs and implements monitoring, tracking, and reporting procedures and develops and manages short and long range plans for addressing cybersecurity needs
Determine information security requirements by evaluating organization business strategies and requirements, researching information security standards; conducting system security and vulnerability analysis and risk assessments, assessing industry architectures/platforms and relative security benefits, and identifying architecture/platform integration issues that prevent the strongest possible security posture.
ASRC Federal Advantages
Learning and Development: After 90 days of employment, regular full-time employees are eligible to participate in our professional development program including funds annually towards Associate’s, Bachelor’s or Graduate Degrees; Industry standard professional certification; A professional certificate program; Continuing education classes; and Registration fees to attend professional conferences.
Employee Resource Groups: That provide our employees the opportunity to collaborate and network with colleges with common interests, backgrounds, and experiences including Women's Impact Network (WIN), Multicultural ERG, Military Community (MILCOM), and Pride ERG for LGBTQ+ employees and allies.
Purpose Driven Careers: Certified Great Place to Work™; Certified Military Times' 'Best for Vets' and Military.com ‘Top 25 Veteran Employer.’
Benefits: Comprehensive insurance packages including medical, dental, vision, life insurance, and short term/long term disability, as well as a 401K with generous company match and immediate vesting.
Requirements :Locations and On-Site Requirements
This position is available at the DODC-MB location in Seaside, CA or MC-ALEX location in Alexandria, VA.
This role requires 60% / 3 days per week on-site to support a classified environment.
Qualifications
Bachelor’s degree in related field (or five (5) years of additional relevant experience) and seven (7) years of relevant experience.
Demonstrate and maintain knowledge to meet DOD 8140 requirements through education, training, or personnel certification such as but not limited to an active DoD 8570 IAT LEVEL III baseline security certification.
3+ years of experience applying the NIST Risk Management Framework to ensure the security of information systems.
Experience creating or updating agency policies and procedures for compliance with DoD and Federal regulations.
Experience using a GRC tool such as eMASS.
Experience analyzing and ensuring the security posture of systems hosted in a cloud environment desired.
Clearance Requirements:
The selected candidate must have an active Secret clearance.
US Citizenship is required .
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.