Overview:
Design. Disrupt. Repeat.
Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is looking for an experienced Information Systems Security Officer with an appetite for taking on new challenges.
Responsibilities:
The ISSO serves as a Cyber Security Specialist and will perform Level II ISSO and/or ISSO support responsibilities to include:
* Ensuring the confidentiality, integrity, and availability of information systems by applying security principles, processes, and tools.
* Maintaining compliance with NIST, FISMA, RMF (Risk Management Framework), and organizational security requirements.
* Supporting the development and maintenance of security documentation including System Security Plans (SSPs), Risk Assessments, and Security Assessment Reports (SARs).
* Conducting regular security audits, system vulnerability scans, and compliance checks.
* Supporting security incident response activities and remediation efforts.
* Managing Plan of Action and Milestones (POA&Ms) to track system vulnerabilities and mitigation strategies.
* Interfacing with system owners, developers, administrators, and security personnel to address security concerns and ensure system compliance.
* Providing security guidance throughout system development lifecycle processes.
* Preparing for and supporting security control assessments and audits.
* Assisting with the development and delivery of security awareness training.
Qualifications:
Job Requirements
* Bachelor's Degree in related IT field
* Ability to obtain a U.S. government Security Clearance
* Five years of IA experience; 1 of which must be FISMA-related
Required Skills
* Hands-on experience with RMF, NIST 800-53, FISMA, and related security frameworks
* Strong working knowledge of security controls, security architecture, and security assessment methodologies
* Experience with vulnerability management tools and processes
* Proficiency in developing and maintaining system security documentation
* Strong verbal and written communication skills
Preferred possession of one or more professional security certifications, including but not limited to:
* Certified Information System Security Professional (CISSP)
* Certified Information Systems Auditor (CISA)
* Certified Ethical Hacker (CEH)
Preferred Skills
* Demonstrated ability to rely on extensive experience and judgment to plan and accomplish goals
* Able to work effectively independently to solve problems quickly and completely
* Experience reporting to, communicating with, and/or collaborating with Federal program stakeholders
* Experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems
* Experience with continuous monitoring tools
* Knowledge of cloud security (AWS, Azure, GCP)
* Familiarity with FedRAMP security controls and processes
Share this job:
Share this Job
