Information System Security Officer

Job Description

Information Systems Security Officer (ISSO)

PKH Enterprises is seeking qualified candidates who can provide client solutions with minimal instruction and can run projects independently. The ISSO will support a high-performing team committed to driving customer satisfaction through delivery and innovation. The ideal candidate will have excellent communications skills with the ability to present complex issues in clear and concise documentation. The candidate will be required to demonstrate a strong record of client delivery and thrive in a dynamic work environment, exhibiting ability to be flexible. The candidate must work well as part of a team and have the ability to lead aspects of the team.

The candidate shall:

• Serve as the principal advisor on all matters involving security on designated information system(s).
• Develop and maintain comprehensive system security authorization documentation.
• Must have experience with privacy intensive systems.
• Support the Assessor with all Ongoing Authorization (OA) and Security Control Assessment (SCA) activities per established schedules.
• Manage system Plan of Action and Milestones (POA&Ms) per client policy.
• Provide Change Management Support for their assigned systems.
• Advise the System Owner on the day to day security compliance of the assigned system.
• Ensure that management, operational, and technical controls for securing either National Security Systems or SBU level Information Systems are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through final decommission and disposal.
• Complete required Security Authorization (SA) system documentation and support SA activities in accordance with NIST 800.37 standards.
• Report IT Security events/incidents according to policy.
• Manage single or multiple systems depending on the size and complexity.
• In the direct support and maintenance of these systems with regard to Security Authorization, the ISSO will provide IT Security and compliance support to the client for their respective systems. This will include but is not limited to provide SA artifact maintenance, Continuous Monitoring and POA&M management support, testing S&A tools, analyzing DHS requirements, editing pertinent trainings, and supporting the Risk Management with vulnerability management or other related duties.
• Ensure IT systems have all security controls in place and functioning properly in accordance with NIST 800.53 (latest revision) and NIST 800.53A publications.
• Assist with external/internal audits for designated systems, inquiries, and data calls.
• Support Privileged Account Audits.
• Complete accurate Ongoing Authorization assessments and documentation (including but not limited to: Systems Trackers, Systems TRALs, Systems OA Entry Packages) and reports to OA Manager, Lead, and Authorizing Official.
• Ensure timely submission of monthly Continuous Monitoring scan data.
• Ensure the completion of privacy documentation to include PTA, PIAs, and e- Authentication spreadsheets, as required.
• Ensure the completion of SSI Threshold Analysis documentation, as required.
• Execute responsibilities as outlined in the Security Authorization and Ongoing Authorization Standard Operating Procedures.
  
  

Desired:

• Undergraduate degree in either the IT or relevant engineering field, or possess equivalent work experience.
• At least 7 years of administrator-level experience with User Activity Monitoring and Enterprise Audit applications.
• Have administrator and Authorization & Accreditation-level experience with crossdomain solutions.
• Understanding of Community on National Security Systems policy and specific knowledge of policies related to cross domain solutions in the Sensitive Compartmented Information network domain.
• Proficient in capturing, building, maintaining and reporting IT related metrics.
• Experience managing various platforms such as Linux and Windows operating systems.
• Experience in IT policy, planning, maintaining System Security Plans, reconciling IT Plans-of Action & Milestones (POA&M), and maintaining Approvals to Operate.
• Candidates with active Top Secret preferred.
  
  

Company Description

PKH Enterprises (PKH) is a small, woman-owned professional services firm dedicated to helping clients address challenging policy and technology issues. The PKH team is comprised of professionals with varied backgrounds combining legal, policy and technical expertise and offers the services and experience of business process engineers, senior subject matter experts and certified project managers. Our diverse capabilities help our clients improve performance and achieve innovative solutions to their most complex business problems. Our clients turn to us as partners and trusted advisors, and depend on our ability to anticipate, recognize and address their specific needs. PKHE has a reputation for excellence and remains dedicated to generating successful results for tasks at all levels of project execution.

To all recruitment agencies: PKH Enterprises does not accept unsolicited agency resumes/CVs. PKH Enterprises is not responsible for any fees related to unsolicited resumes/CVs.

PKH Enterprises is an Equal Opportunity Employer who is committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

PKH Enterprises (PKH) is a small, woman-owned professional services firm dedicated to helping clients address challenging policy and technology issues. The PKH team is comprised of professionals with varied backgrounds combining legal, policy and technical expertise and offers the services and experience of business process engineers, senior subject matter experts and certified project managers. Our diverse capabilities help our clients improve performance and achieve innovative solutions to their most complex business problems. Our clients turn to us as partners and trusted advisors, and depend on our ability to anticipate, recognize and address their specific needs. PKHE has a reputation for excellence and remains dedicated to generating successful results for tasks at all levels of project execution. To all recruitment agencies: PKH Enterprises does not accept unsolicited agency resumes/CVs. PKH Enterprises is not responsible for any fees related to unsolicited resumes/CVs. PKH Enterprises is an Equal Opportunity Employer who is committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.