ISSO

· Supports the operation and maintenance of assigned business applications in accordance with the National Gallery’s IT security program’s established policy.

· Maintains the catalog of assigned IT enterprise and departmental business applications with information including but not limited to: (i) system points of contact, (ii) vendor point of contact, (iii) Tier, (iv) location, (v) type (i.e., Cloud, on-premise, hybrid, colocation, etc.).

· Serves as a primary contact for coordination, implementation, and/or enforcement of information security policies (e.g., account management, configuration management etc.)

· Participates in implementation of systems security policies, standards, and procedures related to the assigned business applications.

· Ensures interconnection security agreements (ISA) are in place for key interfaces.

· Ensures backup and restore tests are performed annually for on-premise business applications.

· Participates in fusion teams to review vendor capabilities and security posture for potential new systems within scope of responsibility.

· Works with the operations team and vendors to patch system vulnerabilities and perform timely upgrades.

· Reviews vendor capabilities and security posture for potentially new IT systems/applications/services and provide recommendations on risk.

· Collaborates with the CISO, CIO, system managers, and other stakeholders to finalize IT security requirements for third-party IT systems/applications/services.

· Work with the National Gallery’s Contracts and Procurement Office (APC) to ensure all applicable IT security requirements are included within issued IT system/application/services contracts.

· Ensure vendors/contractors/providers comply with the Gallery IT security policies and procedures established as part of the third-party risk management program.

· Review results of vulnerability scans (internal or third-party) for third-party applications/systems/devices and work with the appropriate system managers and operations (TDS-OPS) personnel to remediate critical and high vulnerabilities.

· The ISSO possesses strong qualifications in information technology and at least 3 years of progressive IT security experience at a similarly complex organization.

· Candidate has a bachelor’s degree in information technology, computer science, engineering, or equivalent degree. One or more certifications in the area of IT security (Security , CAP, SSCP, CEH, etc.) is preferred but not mandatory.

· Knowledge of functions that focuses on the systems, to support, monitor, test, and troubleshoot hardware and software problems pertaining to the computing environment, network environment.

· Knowledge of SP 800-53 security controls and its applicability to IT systems.

· Demonstrates ability to stay current with evolving technology in IT security, e.g., identity and access management tools, patch management and software distribution tools (e.g., Ivanti, Casper, etc.)

· Demonstrates technical experience to include experience with Windows, Mac and/or Linux systems.

· Ability to plan and organize work, and meet deadlines with little to no supervision.

The work is performed in a normal office environment. Telecommute option is available 3 days a week with 2 days on-site at the office.

Job Type: Full-time

Pay: $125,000.00 - $145,000.00 per year

Benefits:

• 401(k) matching
• Dental insurance
• Flexible schedule
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift

Education:

• Bachelor's (Required)

Experience:

• ISSO: 3 years (Required)
• identity and access management tools: 3 years (Required)
• sp800-53 security controls: 3 years (Required)

License/Certification:

• Security Certification , CAP, Security , CAP, CEH, (Required)

Ability to Commute:

• Washington, DC 20565 (Required)

Work Location: Hybrid remote in Washington, DC 20565