TISTA Science and Technology Corporation is seeking an Information Systems Security Officer to join our team.
The ISSO will be responsible for supporting the client in proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. The ISSO supports security authorization and continuous monitoring activities in compliance with National Institute of Standards and Technology (NIST) guidance and Department of Homeland Security (DHS) policy and procedures. The ISSO is responsible for the following:
· Support configuration management (CM) for information system security software, hardware, and firmware; manage changes to the system and assess the security impact of those changes
· Ensure that Information Systems are operated, used, maintained, and disposed of in accordance with security policies and procedures
· Ensure that the AIS are accredited based upon NIST guidance, utilizing the NIST RMF process, or ICD 503 templates if the AIS is an NSS/classified information system
· Enforce security policies and safeguards on all personnel having access to the system for which the ISSO has responsibility
· Ensure audit trails are reviewed periodically in accordance with departmental policy and the Security Authorization documentation (e.g., weekly or daily)
· Report and manage security incidents in accordance with DHS Management Directive 4300
· Prepare system security status reports as required by DHS Management Directive 4300 and the AO
· Evaluate known vulnerabilities to ascertain if additional safeguards are needed
· Identify weaknesses and initiate protective or corrective measures to mitigate them
· Perform all ISSO duties as directed by DHS Component policy and DHS Management Directive 4300 (A/B/C).
· Perform duties as the security specialist for secure rooms/SCIFs which have the possibility to process information up to the TS/SCI level (where applicable).
· A minimum of five (5) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field
· Demonstrated proficiency in developing, maintaining, and managing Security Authorization and Assessment packages
· Experience with developing and managing Plans of Action & Milestones (POA&Ms)
· Possess experience in conducting security control assessments
· Possess experience in conducting audit log reviews
· Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities.
· Experience writing security-related policies and procedures
· Possess experience developing and conducting Contingency Plan testing
· Technical experience with analyzing vulnerability assessment scans and providing mitigation techniques.
· Strong problem solving and analysis skills, self-motivated, and able to work individually
· Excellent communication (written and verbal) skills within a team environment and individually
· Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
· Prepare and review documentation to include System Security Plans, Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
· Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields.
· At least one (1) active certification relating to information security, such as:
§ (ISC)² Certifications (e.g. CISSP, CAP, SSCP, etc.)
§ ISACA Certifications (e.g. CISA, CRISC, CISM, CGEIT, etc.)
§ GIAC security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.)
§ CompTIA Certifications (e.g. CASP, Security+, etc.)
§ EC-Council Certifications (e.g. C|EH, ECSA, CCISO, etc.)
· Active Secret, Top Secret Clearance preferred
TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology and professional services to Federal and State agencies. TISTA was recognized in 2019 by Inc. 5000 as one of the fastest-growing private companies in the US. TISTA is also a recipient of 2019 Top Veteran-Owned Companies by the Washington Business Journal. TISTA also received a 2018 Moxie Award in the GovCon category.
Here at TISTA Science and Technology we value our Veterans and encourage all to apply!
TISTA is an Equal Opportunity/Affirmative Action Employer and embraces diversity in our employee population. It is the policy of TISTA to provide equal opportunity to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or genetic information. TISTA will refrain from discharging, or otherwise discriminating against, employees or applicants who inquire about, discuss, or disclose their compensation or the compensation of other employees or applicants.
The EEO is the Law poster is available here and the poster supplement is available [ Link removed ].
The Pay Transparency Policy is available here.
TISTA is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation due to a disability for any part of the employment process, please send an e-mail to [ Email address blocked ] or call (301) 968-3420 and let us know the nature of your request and your contact information.