"Alerted.org

Job Description

In this role, you will:

• Fill the DoD Risk Management Framework role of Information System Security Officer (ISSO).

• Perform integration of cybersecurity compliance (Federal Information Security Modernization Act / FISMA, Risk Management Framework / RMF), cybersecurity operations, and systems development lifecycle (SDLC) security activities for all applicable environments and efforts.

• Provide support to all organization-wide information governance activities.

• Ensure adherence to enterprise information security policies, standards and practices to achieve the required level of consistency, quality, and protection to meet overall business needs.

• Provide support in reviewing and editing existing Information Security Policies, procedures, and Standards.

• Monitor, evaluate, and maintain systems and procedures to protect the data systems and databases from unauthorized users. Identify potential threats and respond to reported security violations. Determine causes of security breaches and research, recommend, and implement changes to procedures to protect data from future violations. Assist in educating users on security procedures.

• Combine cybersecurity knowledge with that of Agile application development and DevSecOps, leveraging established experience with cloud platform services, DevOps practices such as build/release management, secure SDLC DevSecOps practices such as automating security processes in Continuous Integration / Continuous Deployment (CI/CD) pipelines, and general automation.

• Resolve problems, mitigate delays, disputes and escalate issues.

• Understand complex information and communicate the information to people with diverse professional backgrounds.

• Provide recommendations to adapt and respond to dynamic cybersecurity landscape and continually improve security processes and posture.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

To be successful in this role, you will have:

• Bachelor`s degree and 10+ years

• One of the following:

o Bachelor’s degree in Computer Science (CS), Information Assurance (IA), Cybersecurity, Engineering, or Mathematics with a minimum of 5 years of enterprise IA/cybersecurity, cybersecurity operations, and/or federal cybersecurity compliance experience

o Master’s degree in CS, IA, Cybersecurity, Engineering, or Mathematics with a minimum of 3 years of enterprise IA/cybersecurity, cybersecurity operations, and/or federal cybersecurity compliance experience

• Must be familiar with DoD Risk Management Framework.

• Understands NIST SP 800-53 and CNSSI 1253 security controls.

• Experience with performing vulnerability scans, DISA STIG assessments, POA&M documentation, and leading remediation efforts on medium to large systems with 100+ endpoints.

• Good attention to detail and ability to work independently as well as part of a team.

• Active CompTIA Security+ CE certification

• Active Department of Defense (DoD) Secret security clearance

• The ability to sign a non-disclosure agreement.

• The ability to work on-site at the Pentagon in Arlington, Virginia for the majority of the workweek (hybrid scheduling may be supported). Additional desired experience and skills:

• Cloud platform-specific (AWS) security certifications

• Experience with DoD ACAS and DoD STIG