Information System Security Officer (ISSO)

Type of Requisition:RegularClearance Level Must Currently Possess:NoneClearance Level Must Be Able to Obtain:NonePublic Trust/Other Required:OtherJob Family:Cyber and IT Risk ManagementJob Qualifications:Skills:Continuous Monitoring, Documentations, Information Assurance, Information System SecurityCertifications:NoneExperience:8 + years of related experienceUS Citizenship Required:NoJob Description:The Information Systems Security Officer (ISSO) is responsible for ensuring the continuous monitoring of security and privacy controls for one or more information systems managed by or on behalf our Federal civilian agency customer. The ISSO works closely with the Information System Owner, Information System Security Manager, system administrators, and other IT and privacy professionals supporting the system(s). The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and is assigned responsibility for the day-to-day security monitoring of the system(s), including but not limited to threat analysis, vulnerability assessments and remediation, compliance monitoring and reporting, POAM and Corrective Action Plan management, Interconnection Security Agreements, Security Impact Assessments within the change management process, risk assessments, and SLAs. Security controls and standards are aligned with NIST SP 800-53 rev 5 and the NIST RMF.Requires in-depth knowledge of FISMA, FedRAMP, NIST Special, Risk Management Framework, POAM management, incident response, audit, accreditation processes, and configuration management compliance.Additional activities include:Develop and/or maintain physical or logical topologies for monitored system(s) in concert with systems engineersAssist the contract’s security manager in meeting their duties and responsibilities, as well as extensive collaboration with customer security personnelPrepare, review, and update authorization packages and associated artifacts; familiarity with an authorization management system such as JCAM, eMASS, CSAM, Xacta, etc.Ensure the contract’s operations procedures and process documents are properly managed and reviewed/updated at least annually.Conduct periodic reviews of information systems to ensure compliance with the security authorization package.Coordinate annual incident management and COOP/DR tabletop exercises; monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.Familiarity with Azure tools, particularly Defender and Sentinel are highly desirable.Ensure audit records are collected, reviewed, and documented (to include any anomalies), in addition to internal and external audit supportExperience:Prior performance in roles such as System Administrator or Network Administrator, with preferential experience in specific ISSO duties.Certifications: CISSP or Security+ any revelant IT or security certificationEducation:Bachelor’s degree OR industry recognized certifications and 8 years of relevant experienceThe likely salary range for this position is $125,800 - $170,200. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.Scheduled Weekly Hours:40Travel Required:Less than 10%Telecommuting Options:RemoteWork Location:Any Location / RemoteAdditional Work Locations:Total Rewards at GDIT:Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency