Information Security OfficerMelbourne, FLAre you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer’s core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!SummaryWe deliver essential technology services to our customers in support of their missions to sustain the national security and economic interests of our nation. SecuriGence is seeking an Information Systems Security Officer in the Melbourne, FL / Patrick SFB area to help contribute to our success. Come help us solve problems with Innovation Through Intelligence.ResponsibilitiesProvide oversight for the assigned network(s) by working with the operation's staff to ensure compliance per STIGs and IAVM.Ensuring that Stakeholders adhere to Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under The Federal Information Security Management Act (FISMA) of 2002.Lead RMF A&A efforts including activities within the A&A cycle and outside of the ISSO functions, work directly with ISSM, ISO, and AO, work with engineering and operations support staff to secure systems and ensure compliance, and provide oversight for existing and new POAMs.Provided POAM support by advising CISO/AO of changes and assisting in the coordination of efforts to remediate deficiencies and vulnerabilities.Responsible for performing ConMon reviews for daily, weekly, monthly, and quarterly checks. (Primarily completed through Splunk. A small number of manual/administrative checks).Assist with IR activities by verifying sanitation procedures are followed prior to submitting the CART Case to the CISO for closure.Work with the Security Tools Team to identify Critical / High vulnerabilities for remediation and report network security posture at weekly CISO/AO meetings.Skills and ExperienceExperience with NIST SP 800-37, 800-137, 800-53 rev 4/5, 800-39, 800-171 and 800-171A for self-assessments; NIST 800-100, NIST 800-18.Familiar with creating Assessment and Authorization (A&A) packages in Archer IRM and applying security categorization per the NIST FIPS 199 and NIST SP 800-60.Experience in performing and assessing Security and Privacy Controls per NIST 800-53 rev 4/5 and NIST 800-53a guidelines.Experience with systems engineering design and development toward a "baked-in" security design using Information Assurance best practices.Understanding of the FedRAMP process, coordinating with 3PAO, and migrating on-prem systems to an accredited cloud-based solution (e.g. AWS (GovCloud), Azure).Understanding of vulnerability and scanning tools such as Assured Compliance Assessment Solution (ACAS) and well-versed in interpreting risk posture resulting from assessment reports.Knowledge of vulnerability management, risk management, and project management, proficient with Microsoft products - Word, Excel, PowerPoint.Experience with Tenable's Nessus and/or Security Center, or Network Mapper is a plus.Risk assessment experience, especially with NIST SP 800-53 Threat identification, system security categorization, gap analysis, and compliance reporting.Must be able to validate security patches as they align with NIST guidelines, client policies and procedures, and OMB Mandates.Experience with creating or maintaining security artifacts as part of the ATO package including but not limited to; System Security Plans (SSP), Contingency Plans (CP), Disaster Recovery Plans (DRP), Plans of Action, and Milestone (POA&M), Incident Response (IR), and other security documentation.QualificationsBachelor's degree.Can be substituted for an Associate's degree with 2+ years relevant experience or 4 years relevant experience.5 years relevant experience.Secret Clearance is required.IAT Level II Certification minimum.
#J-18808-Ljbffr