Acuity, Inc. has an opening for an Information Systems Security Officer (ISSO) to support a very visible government client. Are you a dynamic and creative individual who enjoys working in a collaborative environment? Come check out Acuity!
Acuity is an award-winning consulting firm that provides proven management and technological services to the Federal government. Recognized as one of the Best Places to Work by the Washington Business Journal for five consecutive years, we are hiring additional ISSOs to join us and support our growth.
As an Information Systems Security Officer (ISSO), you will be responsible for gathering the information necessary to maintain a system’s security posture and for helping establish functioning external/internal barriers such as controlled interfaces and other security measures. ISSOs define, create and maintain the security documentation for certification and accreditation (C&A) of each information system in accordance with government requirements. You will perform research and assess the impact of system modifications, technological advances, and malicious code. ISSOs review a system’s security documentation in order to identify potential security weaknesses, recommend improvements to address vulnerabilities, implement changes and document security-relevant changes. ISSOs inform users about security measures, track C&A expirations, explain potential threats, perform software scans on networks and computers for vulnerabilities, and review audit data for intrusions in order to protect information and prevent unauthorized access. As you can see, an ISSO on our team is a valuable member who participates in responding to computer security breaches and malicious code.
- Advise and interface with the Agency’s Chief Information Security Officer and OIT representatives on security considerations in application systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e., system development life cycle management)
- Assist in the determination of an appropriate level of security commensurate with the impact level
- Assist in the development and maintenance of system security plans and contingency plans for all systems under their responsibility
- Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies
- Participate in self-assessment of system safeguards and program elements and in certification and accreditation of the system
- Provide localized security training as directed by the Chief Information Security Officer (CISO) or Information System Security Manager (ISSM).
- Provide monthly status reports of all Plan of Action and Milestones (POA&M) related to each application.
- Provide monthly status report of annual assessments performed.
- Report all Information Security and Privacy Data incidents, as required.
- Maintain cooperative relationships with business partners or other interconnected systems
- Control, label, virus scan and appropriately transfer data (upload/download) between information systems at varying classification levels
- Conduct research and analysis on the impacts of system modifications, technological advances, and malicious code
- Bachelor's Degree in Computer Engineering, Computer Science, or Software Engineering
- At least 5 years of related information security experience
- Effective interpersonal and team building skills
- Familiarity with applicable NRO, IC, DoD policies, procedures and operating instructions related to information technology, information assurance, information management (IT/IA/IAM)
- Familiarity with network and information systems security principles and best practices
- Familiarity with controlling, labeling, virus scanning and appropriately transferring data (uploading/downloading) between information systems at varying classification levels
- CISSP, strongly preferred
- Familiarity with NIST 800-53
- Active Top Secret clearance verifiable in JPAS.