Information System Security Officer - Cleared ISSO (TS SCI eligible)

LTS is seeking an experienced Information System Security Officer (ISSO) to support the coordination with business and technology teams, ascertaining system requirements, such as program functions, output requirements, input data acquisition, and system techniques and controls. The environment is dynamic, and client needs are often evolving; flexibility and forward-thinking views are important for success. This position will require Active TS SCI eligible security clearance.

This position is 100% on-site in Washington, DC.

LTS provides trusted consulting, and solutions in an increasingly complex and growing world. Our deep expertise in technology and analytics helps us serve a broad constituency of clients that range from cabinet-level departments of the U.S. Government to the largest Federal IT contractors in the world.

LTS is a leading information technology (IT) provider for mission critical systems leveraging the latest technologies to deliver cutting edge solutions from small mobile applications to large, complex enterprise applications. Our professionals specialize in multiple disciplines including program management, system integration, system design, system development, cybersecurity, infrastructure and data analytics.

Responsibilities:

• Develop, implement, and maintain comprehensive information system security policies and procedures.

• Ensure that the organization's information systems are compliant with applicable standards, frameworks, and regulations (e.g., NIST, ISO 27001, HIPAA, FISMA, etc.).

• Conduct regular assessments and audits of information systems to identify vulnerabilities and ensure the effectiveness of security controls.

• Perform risk assessments and manage risk mitigation strategies for information systems.

• Oversee the implementation of security measures such as encryption, firewalls, intrusion detection/prevention systems, and other security technologies.

• Monitor access control systems and ensure only authorized users have access to critical information systems.

• Review and approve security configurations for new systems and applications.

• Lead and coordinate incident response activities, including identifying, analyzing, and mitigating security breaches.

• Develop and implement business continuity and disaster recovery plans for information systems.

• Design and manage security systems, including firewalls, intrusion detection systems, anti-virus software, and encryption tools.

• Conduct security audits and assist with the preparation for external security assessments.

• Coordinate incident response activities, investigate security breaches, and provide recommendations for incident mitigation.

• Stay up-to-date with the latest information security trends, technologies, and best practices to ensure continuous improvement of the organization's security posture.

• Educate and train employees on best practices for information security, data privacy, and incident response.

• Provide support during investigations of security breaches and data loss incidents.

• Ensure compliance with regulatory requirements, industry standards, and best practices for information security.

• Prepare and submit security documentation, including System Security Plans (SSPs), Risk Assessment Reports, and Continuous Monitoring Reports.

• Collaborate with internal auditors and external regulatory bodies to ensure compliance.

• Conduct regular security awareness training for employees to ensure understanding and adherence to security policies and procedures.

• Serve as a security subject matter expert and provide guidance and training on cybersecurity best practices.

• Work closely with IT, legal, and other departments to ensure security policies align with business goals and regulatory requirements.

• Collaborate with third-party vendors to assess and improve the security of outsourced systems and services.

Required Skills, Experience & Qualifications:

• Bachelor’s degree AND minimum of two (2) years of eMASS experience and a minimum of three (3) years of experience in eMASS experience AND Minimum of five (5) years of preparing SA&A package or ATO package.

• Must have an Active TS SCI eligible security clearance

• Must be a U.S. Citizenship is required

• Must possess one of the following DoD level Ill Security professional certifications (CISA, GIAC Certified Incident Handler (GCIH), GIAC Information Security Expert (GSE), GIAC Security Leadership (GLSC), Security Certified Network Architect (SCNA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA).

• Strong communication skills (oral and written) relay concise messaging and reporting to all levels of management.

• Great interpersonal skills and ability to work independently with minimal guidance/supervision.

• Strong analytical and investigation skills crafting solutions to challenging problems or issues.