Senior ISSO - TS/SCI CI Poly

Posted 2 Days Ago
Be an Early Applicant
Washington, DC
Senior level
Software
The Role
The Senior ISSO will lead the Risk Management Framework process for Cross Domain appliances, manage system security plans and reports, conduct annual security reviews and testing, and assist in maintaining compliance with FISMA. Responsibilities include vulnerability tracking, coordinating with security assessors, and ensuring users are trained on security protocols.
Summary Generated by Built In
cFocus Software is seeking a Senior ISSO to join our program located in Washington, DC / JBAB. This position requires an Active TS/SCI CI Poly.
Job Description:
  • Lead the RMF process for assigned Cross Domain appliances withing DIA Enterprise networks.
  • Maintain and report system’s Assessment & Authorization (A&A) status and events.
  • Manage the System Security Plan (SSP) for assigned Cross Domain systems throughout their lifecycle.
  • Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
  • Ability to understand Service Central to monitor project requests required to initiate new change requests.
  • Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
  • Assist with identification of the security control baseline set and any applicable overlays.
  • Ability to communicate relevant changes to the Security Control Assessor (SCA)
  • Assemble the Security Authorization Package and submit for adjudication.
  • Register and maintain the system in XACTA.
  • Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
  • Report changes in the security posture of systems to the Authorizing Official (AO).
  • Utilize the Collaboration Board in XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
  • Assist the ISSMs in executing their duties and responsibilities.
  • Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
  • Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
  • Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
  • Utilize the Collaboration Board in the XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).

Requirements:

  • TS/SCI w Counter Intelligence Polygraph required
  • Must meet DoD 8570/8140 Certifications (i.e. IAM Level II/III or IAT II/III).
  • Well versed with using vulnerability assessment tools (ACAS, NESSUS, etc.) and analyzing the results generated from these assessments.
  • Demonstrated experience writing information system security control documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
  • Knowledge of Risk Management Framework (RMF) information security engineering, design concepts and principles.
  • Support annual assessments in accordance with guidance in the DIA Enterprise standards.
  • Basic understanding of VMware.
  • Ability to use MS Office, Analytical and Critical Thinking Skills,
  • Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates;
  • Respond to emerging requirements or policies as set by legislation, regulation or policy;
  • Experience supporting systems hosted in Cloud environments.
  • Conduct Contingency Plan tests at least annually and updating the plan;
  • Maintain knowledge of inventory in accreditation boundary;
  • Oral and written communication skills;
  • Interpersonal and People Skills.

The Company
HQ: Largo, MD
25 Employees
On-site Workplace
Year Founded: 2006

What We Do

Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365.

Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!

Similar Jobs

CDW Logo CDW

SMIT Field System Admin II - Onsite - Washington, DC

Artificial Intelligence • eCommerce • Information Technology • Internet of Things • Automation
Washington, DC, USA
15100 Employees

Cloudflare Logo Cloudflare

IAM Security Engineer

Cloud • Information Technology • Security • Software • Cybersecurity
Washington, DC, USA
3900 Employees
151K-216K Annually

Warner Bros. Discovery Logo Warner Bros. Discovery

Senior Director, Global News and Journalism Business Information Security Office

Artificial Intelligence • Digital Media • Gaming • Machine Learning • News + Entertainment • Software
Hybrid
Washington, DC, USA
40000 Employees

Similar Companies Hiring

TrainingPeaks (A Peaksware Company) Thumbnail
Software • Fitness
Louisville, CO
69 Employees
bet365 Thumbnail
Software • Gaming • eSports • Digital Media • Automation
Denver, Colorado
6100 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account