Digital Prospectors ISSO Specialist in Lexington, Massachusetts
Job Type: Contract
Recruiter: Steve Merriman (https://digitalprospectors.com/our-team/steve-merriman)
Position: ISSO Specialist
Location: Lexington, MA (Onsite)
Length: 3+ years
Covid Requirements: N/A
*Candidates must be a United States Citizen with an active Top-Secret clearance with SCI
Our client is looking for an ISSO Specialist to develop and maintain an IS security program and policies for an assigned area of responsibility. The ISSO Specialist will develop and oversee operational IS security implementation policy and guidelines. The ISSO Specialist must be knowledgeable in computer security principles and policies, including Security Technical Implementation Guides (STIGs), NIST 800-53 / Risk Management Framework (RMF), Joint SAP Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, and DoD Manual 5205.07 Volumes 1-4.
Essential Duties and Responsibilities (but not limited to):
Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
Complete security assessment tests and reviews, ensuring proper measures are taken when an IS incident or vulnerability affecting classified systems or information is discovered.
Ensure the application of configuration management policies and procedures for authorizing the use of hardware and software are followed.
Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the SSP.
Develop and update the SSP including management and control changes to the system and assess the security impact of those changes.
Ensure user activity monitoring data is analyzed, stored, and protected in accordance with the ITPSO policies and procedures.
Develop and maintain POAMs to identify IS weaknesses, resources, and timelines for corrective and mitigating actions.
Ensure all users have the requisite security clearances and authorization and are aware of their security responsibilities.
Security Plus 8570 Certification is required with 4+ years of applicable experience (Bachelor’s degree is preferred).
Ability to assist and support necessary compliance activities.
Prior experience validating organizations against policies, guidelines, procedures, regulations, and laws to ensure compliance.
Ability to ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Prior experience promoting awareness of security issues among management and ensuring sound security principles are reflected in the organization's vision and goals.
Ability to track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Ability to recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
Prior experience providing technical documents, incident reports, and findings from computer examinations, summaries, and other situational awareness information to key stakeholders.
Ability to recognize a possible security violation and take appropriate action to report the incident.
Ability to assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), risk assessment report, and continuous monitoring strategy.
Ability to ensure systems are operated, maintained, and disposed of in accordance with organizational security policies and procedures.
Ability to conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
Prior experience leading and aligning Information Technology (IT) security priorities with the security strategy.
Prior experience preparing for and participating in periodic organization compliance assessments.
Ability to interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Due to the nature of the work, an active Top-Secret clearance with SCI is required.
POST-OFFER BACKGROUND CHECK IS REQUIRED. Digital Prospectors is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Make this your next career move as one of our many long-term contractors or employees!
- Work as our full-time employee with full benefits (Medical, Dental, Vision, Life, STD, LTD, PTO, etc.) - OR - work as a W2 hourly contractor at a higher pay rate if you don't need the benefit package.
Come see why DPC has achieved:
4.9/5 Star Glassdoor rating and the only staffing company (< 1000 employees) to be voted in the national Top 10 ‘Employee’s Choice - Best Places to Work’ by Glassdoor.
Voted ‘Best Staffing Firm to Temp For’ five times by Staffing Industry Analysts as well as a ‘Best Company to Work For’ by Forbes, Fortune and Inc. magazine.