- Ensure client systems are accessed, integrated, accredited, operated, maintained and disposed of in accordance with applicable security policies and practices outlined in NIST Publication 800-53 (Latest version) Security and Privacy Controls for Federal Information Systems and Organizations and client IT Security Policies and Procedures.
- Possess excellent written and verbal communication skills.
- Coordinate with System Owners to ensure that system account requests are for valid users eligible for access to information systems, have a valid need to access the systems, and that all requirements have been met before granting access to system(s).
- Possess the ability and experience to review, validate, and audit client information systems from a security perspective, following NIST 800-53 (Latest version).
- Verify and validate users’ completion of required training where applicable.
- Ensure user accounts are disabled upon separation.
- Ability to perform Security Controls testing to audit and inspect system security controls, processes and procedures.
- Manage and track system security requirements during all phases of the system’s life cycle for all operational and development projects.
- Possess the ability and experience in creating, updating and maintaining the client’s security documentation for each client system.
- Understanding, ability and experience in review/audit of vulnerability and compliance scans.
- Possess the ability and experience in reporting, responding, and tracking security incidents in accordance with NIST Guidance and client requirements.
- Possess the ability and experience in maintaining and regularly reviewing audit trails, and in ensuring audit trails are retained for the defined period of time.
- BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.
- CISSP Certification highly preferred.
- Eight (8) years of experience in performing the ISSO role and duties in support of the Federal Government.
- Knowledge of Federal Government SA&A practices and policies, particularly FISMA and NIST Special Publications 800 series.
- Industry recognized and accepted certifications relating to IT security preferred (CISSP, GIAC, CEH, TNCP, Security+, Network+ etc.).
- Ability to work independently and also collaborate with application developers, engineers and others.
- Must be motivated and results oriented.
24 - 51 /hour