Job Description:

Seeking an experienced Information Systems Security Officer (ISSO) who will be responsible for ensuring compliance with the ISSO roles and responsibilities as laid out in agency directives, instructions, and memos. ISSO will provide support to PL SSW for all matters related to cybersecurity across the product office’s portfolio of systems and capabilities.

Essential Duties and Responsibilities:

• Perform tasks delegated by the ISSM in support of various information assurance /cybersecurity programs such as security authorization activities in compliance with Risk Management Framework (RMF) policies and procedures including System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).
• Maintains operational security posture to ensure information systems (IS), security policies, standards, and procedures are established and followed.
• Performs vulnerability/risk assessment analysis to support Assessment & Authorization (A&A).
• Review and analyze system audit logs to identify anomalous activity and potential threats to network resources.
• Conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to acceptable security levels.
• Apply a full range of Cybersecurity policies, principles, and techniques to maintain the security integrity of information systems processing classified information.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk.
• Work with government customers to support computer security incidents and vulnerability compliance.
• Input and maintain system documentation into government record-keeping systems like Xacta and eMASS.
• Provide Configuration Management for security-relevant information system software, hardware, and firmware.
• Perform risk analysis whenever an application or system undergoes a major change.
• Provide input to the Risk Management Framework process activities and related documentation.

Requirements:

• Must Have:
  • A minimum of 10 years of experience as an IA/Security Specialist and OMB Information Security directives/policy compliance
  • At least 5 years of direct experience and in-depth working knowledge of FISMA and NIST Information Security Guides.
  • Experience performing vulnerability/risk assessment analysis to support Assessment & Authorization (A&A).
  • Understanding and hands on experience in RMF processes and activities to obtain and maintain system ATO.
  • Advanced written and verbal communication skills.
• Preferred:
  • Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs.
  • Experience with performing Security Control Assessment in compliance with NIST SP 800- 37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guides.
  • Experience with risk analysis and assessment determinations.
  • Experience with eMASS.
  • Experience with Xacta.

Education and Certification Requirements:

• Must hold active Security , CISSP, CISA, or equivalent certifications (DoD 8570 IAM 2 equivalent)
• Bachelors degree in Electrical, Electronic or Computer Engineering; Computer Science or related field. Four (4) additional years of direct relevant technical experience may be substituted for education level. A MS degree in a related field may be substituted for one (1) year of experience. A PhD in a related field may be substituted for an additional two (2) years of experience.

Position requires active Security Clearance with appropriate Polygraph

About Us:
RealmOne is a mid-sized science and technology company dedicated to solving our customers’ toughest mission challenges.

Headquartered in Columbia, MD., RealmOne supplies advanced cybersecurity, data science and software engineering services and products to customers in the Government and commercial sectors.

RealmOne has won numerous awards, to include Top Workplaces by the Baltimore Sun. Across more than 20 prime contracts, RealmOne is a premiere innovator for the Government and Department of Defense, and our team is located across the United States.