Junior (Jr) ISSO

Company: ECS Federal, LLC
Location: Alexandria
Posted on: September 15, 2023

Job Description:

ECS is seeking a Junior (Jr) ISSO to work in our Alexandria, VA office. Please Note: This position is contingent upon additional funding.

Job Description:

Serve as a principal advisor to one or more Boundary/System Owner and ISSM on all matters (technical or otherwise) involving the security
Promote the DHRA/DMDC Risk Management Framework maturity
Provide Risk Management Framework (RMF) support to assigned DMDC/DHRA Information Systems; ensuring that System/Product Owners maintain an appropriate operational cybersecurity posture.
Support Continuous Monitoring and Event-driven monitoring for Boundary/System Owner in all activities conducted to ensure controls remain effective over time.
Ensure control(s) assurance for the given systems' Common and Inherited Controls and Reciprocity
Determine information security requirements by evaluating DHRA/DMDC business strategies and requirements, researching information security standards; conducting system security and vulnerability analyses and risk assessments, assessing industry architectures/platforms and relative security benefits, and identifying architecture/platform integration issues that prevent the strongest possible security posture.
Advises functional expert management staff on cybersecurity issues pertaining to specific operating systems, hardware, technology, and methodology.
Ensure systems are operated, used, maintained, and disposed of in accordance with DMDC and DHRA security policies and practices
Monitor compliance and conduct partial or full Security Control Assessments for a given boundary, as requested
Maintain the documentation for RMF Assessment and Authorization of each information system in accordance with government requirements, with all required artifacts in eMASS.
Assist boundary owners, and or develops policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks and data; designs and implements monitoring, tracking, and reporting procedures and develops and manages short and long range plans for addressing cybersecurity needs.
Understand, review and provide guidance for any artifact, such as but not limited to Data Flow Diagrams, Network Diagrams, Internal/External connections, configuration logs, security and monitoring logs, etc.,
Assess the impacts on system modifications and technological advances. Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades.
STIGS: Utilize the assigned tool, such as eMASSTER to generate STIG results, and assigned actions for remediation
POA&Ms
Develop and track compliance for new and existing POA&Ms for a given boundary's identified weaknesses, or findings.
Schedule a meeting with stakeholders to develop POA&M milestones, identify and allocate resources and determine the remediation schedule
Review POA&M status at the prescribed frequency, and engage staff members across the enterprise to ensure POA&M date are achieved on time and are documented in eMASS
Manage ServiceNow ticket queues for cybersecurity Risk Management Branch and review/validate user access rights
Create presentations and or metrics as requested
Create weekly, monthly and in-progress review presentations, as needed



Required Skills:

Must be a US citizen, possess a Secret Clearance, and be willing to acquire and maintain a DoD Top Secret clearance if requested
Bachelor's degree in computer science, cybersecurity, information security, or similar discipline AND 5+ years of cybersecurity experience, in support of the DoD or other federal clients
Active DoD 8570 certification minimum compliance, including at least one of the following certifications in good standing: CASP+ CE, CISSP
Firm understanding of the NIST Special Publications, DoD Risk Management Framework (RMF) processes and NIST 800-53 security controls
5+ years of experience as an ISSO, ISSM, SCA, or RMF Auditor
Broad technical knowledge is required in order to review DISA Security Technical Implementation Guides (STIGs)
Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
Knowledge of DoD cybersecurity policies, practices, and requirements
Excellent written and verbal skills are required

Desired Skills:

Prior DMDC or DHRA experience
ISSM and or CISM experience
Top Secret Clearance
Ability to be self-managing and self-directing
Experience working with network infrastructure components, operating system platforms, cloud technologies, security tools, software development, and database technologies

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

Keywords: ECS Federal, LLC, Alexandria , Junior (Jr) ISSO, Other , Alexandria, Virginia