Senior ISSO - TS/SCI CI Poly

Posted 9 Days Ago
Be an Early Applicant
Washington, DC
Senior level
Software
The Role
The Senior ISSO will lead the Risk Management Framework process for Cross Domain appliances, manage system security plans and reports, conduct annual security reviews and testing, and assist in maintaining compliance with FISMA. Responsibilities include vulnerability tracking, coordinating with security assessors, and ensuring users are trained on security protocols.
Summary Generated by Built In
cFocus Software is seeking a Senior ISSO to join our program located in Washington, DC / JBAB. This position requires an Active TS/SCI CI Poly.
Job Description:
  • Lead the RMF process for assigned Cross Domain appliances withing DIA Enterprise networks.
  • Maintain and report system’s Assessment & Authorization (A&A) status and events.
  • Manage the System Security Plan (SSP) for assigned Cross Domain systems throughout their lifecycle.
  • Perform annual security reviews, annual testing of security controls, and annual testing of the contingency plan, in line with FISMA requirements.
  • Ability to understand Service Central to monitor project requests required to initiate new change requests.
  • Manage POA&M entries and ensuring vulnerabilities are properly tracked, mitigated, and resolved.
  • Assist with identification of the security control baseline set and any applicable overlays.
  • Ability to communicate relevant changes to the Security Control Assessor (SCA)
  • Assemble the Security Authorization Package and submit for adjudication.
  • Register and maintain the system in XACTA.
  • Plan and perform cybersecurity testing to assess security controls and recording security control compliance status during sustainment.
  • Report changes in the security posture of systems to the Authorizing Official (AO).
  • Utilize the Collaboration Board in XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).
  • Assist the ISSMs in executing their duties and responsibilities.
  • Ensure all users possess the requisite security clearances and awareness of their responsibilities for systems under their purview prior to being granted access.
  • Ensure an incident response, business continuity, disaster recovery, as well as vulnerability and threat reporting plans and channels are in place and that team members are trained accordingly.
  • Ensure relevant policy and procedural documentation is current and accessible to properly authorized individuals.
  • Utilize the Collaboration Board in the XACTA workflow for all formal coordination during the RMF process. Detailed findings will be posted in the Artifacts tab (if necessary).

Requirements:

  • TS/SCI w Counter Intelligence Polygraph required
  • Must meet DoD 8570/8140 Certifications (i.e. IAM Level II/III or IAT II/III).
  • Well versed with using vulnerability assessment tools (ACAS, NESSUS, etc.) and analyzing the results generated from these assessments.
  • Demonstrated experience writing information system security control documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
  • Knowledge of Risk Management Framework (RMF) information security engineering, design concepts and principles.
  • Support annual assessments in accordance with guidance in the DIA Enterprise standards.
  • Basic understanding of VMware.
  • Ability to use MS Office, Analytical and Critical Thinking Skills,
  • Proactively create, monitor and update the status of POA&Ms to ensure weaknesses are resolved in accordance with their scheduled completion dates;
  • Respond to emerging requirements or policies as set by legislation, regulation or policy;
  • Experience supporting systems hosted in Cloud environments.
  • Conduct Contingency Plan tests at least annually and updating the plan;
  • Maintain knowledge of inventory in accreditation boundary;
  • Oral and written communication skills;
  • Interpersonal and People Skills.

The Company
HQ: Largo, MD
25 Employees
On-site Workplace
Year Founded: 2006

What We Do

Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365.

Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!

Similar Jobs

Remote
23 Locations
10000 Employees
185K-295K Annually

CrowdStrike Logo CrowdStrike

Sr. Software Engineer, SDET - Infrastructure (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
6 Locations
10000 Employees
135K-215K Annually

CrowdStrike Logo CrowdStrike

Threat Analyst, Machine Learning (Remote, Eastern & Central)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
36 Locations
10000 Employees
100K-150K Annually

CrowdStrike Logo CrowdStrike

Business Resilience Analyst (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
44 Locations
10000 Employees

Similar Companies Hiring

Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account