18 Jobs
SORT BY
I
I
I
I
I
I
I
I
I
I
I
I
I
I
I
I
Indigo IT is Hiring an ISSO Near Fort Meade, MD
ISSO
Ft. Meade, MD (hybrid onsite/telework)
SUMMARY:
Founded in 2001, Indigo IT is an award winning information technology consulting and services company. We are a trusted services provider to government agencies seeking innovative Cloud, Cybersecurity, Knowledge Management, and Enterprise solutions. We know our defense, federal, and civilian customers have critical IT infrastructures that must remain reliable, available, and maximized. Indigo IT is mission focused and committed to maintaining a sense of urgency in anticipating and supporting our customers’ technology goals and objectives. Our unique ability to think beyond today allows our clients to stay ahead of their IT challenges. As a Veteran-Friendly employer, we are proudly partnered with the Virginia Values Veterans (V3) Program, and a recipient of the HIRE Vets Gold Medallion Award, which recognizes our commitment to recruiting our nation’s Veterans. Recognized on the Inc. 5000 list of America’s fastest growing companies in 2020 & 2021 and named as one of the 2022 Best Places to Work in Virginia, we are always looking to hire top talent in the field - come join us today!
This position will be responsible for providing expert level support in the implementation of the Risk Management Framework in accordance with the National Institute of Standards and Technology. This includes providing and maintaining all security assessment and authorization (SA&A) packages for completeness in an acceptable format using automated and manual inputs to ensure compliance with FISMA and other Federal and agency standards. Additionally, this position is largely focused on operational and technical security capabilities to include incident handling and analysis, entity scanning and reporting of results directly to the CISO (patch, vulnerability, real-time intrusion detection, and baseline compliance), as well as both configuration and review of intrusion detection and prevention tools as required to assess and improve the overall security posture of the organization.
ESSENTIAL FUNCTIONS/RESPONSIBILITIES:
- Experience with DOD 8510 (DIACAP and RMF), DoD 6510 and 8500 series instructions, and NIST 800 series guidance
- Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulations
- Experience working with information security practices, networks, software, and hardware
- Strong analytical and problem solving skills for resolving security issues
- Strong organizational skills to balance various workloads
- Strong interpersonal skills to interact with customers and team members
- Excellent communication skills to interact with team members and support personnel
- Ability to work in a team environment
- Self-driven and motivated
- Experience documenting and assessing RMF controls, Plan of Actions and Milestones (POA&Ms), and vulnerabilities in eMASS.
- Experience with DISA's security change request procedures.
- Experience reading and interpreting DOD STIG results from SCAP scans and self-assessment checklists via STIG Viewer.
- Experience running, reading and/or interpreting BURP scans.
- Experience reading and interpreting ACAS scan results.
- Familiarity with Cyber Command vulnerability remediation timelines
- Experience reading and interpreting Topology Drawings
- Excellent memorization skills
EDUCATION, EXPERIENCE, & CERTIFICATIONS:
- Active Secret Clearance
- Bachelor’s degree and at least ten (10) or more years of direct experience in computer and systems security. Six (6) years of general IT experience is equivalent to a bachelor’s degree.
- At least five (5) years of experience providing direct support to Federal IT compliance initiatives including the preparation/development of annual FISMA reports, compiling responses to Federal information requests, and implementing provisions set forth by the OMB, DHS, and other Federal guidance entities.
- Experience working in a Security Operations Center (SOC) or similar environment is highly recommended.
- Require DOD 8570-01M IAT Level II certification (CompTIA Security , CASP, CeH, or equivalent)
- Preferred relevant professional certifications from recognized industry consortiums including ISC2 (CISSP), ISACA (CISA), SANS/GIAC (GMON, GCIA, GCED, GCIH, GPEN).
SPECIFIC KNOWLEDGE, SKILLS, & ABILITIES:
- Information Certification & Accreditation Regulations, Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) guidance
- Security Assessment and Authorization (SA&A) process in alignment with the NIST Risk Management Framework
- Network monitoring
- Intrusion and malware detection using host-based and network-based intrusion detection systems (IDS) and log management applications
- Familiarity with vulnerability scanning and management using Tenable Nessus; reviewing scan reports.
- Identifying, collecting, processing, documenting, reporting, cyber security/ incident response events
- Architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications
- Information system security, cyber security, computer forensics, vulnerability assessment and penetration testing, malware analysis, insider threat
- Skill in conducting and analyzing the results of test events including utilizing in-depth knowledge of TCP/IP ports and protocols to provide accurate, concise, and complete results to senior leadership.
- Skill in designing a security focused data analysis structure (i.e., the types of data your test must generate and how to analyze those data).
- Skill in determining an appropriate level of test rigor for a given system.
- Skill in developing operations-based testing scenarios.
- Ability to recommend improvements to the internal processes to maximize customer service levels and improve overall security posture of the organization.
- Excellent time management skills, with ability to juggle multiple priorities and complete tasks on time
- Strong analytical skills with the ability to analyze data sets to determine trends, establish strategies, and make decisions about real time threats as well as identification and elimination of false positives from operational reports.
- Outstanding interpersonal and communication skills with the ability to effectively communicate across diverse audiences.
- Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish.
Indigo IT is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. This employer uses E-Verify.
Job Summary
JOB TYPE
Full Time
INDUSTRY
Business Services
SALARY
$98k-118k (estimate)
POST DATE
04/11/2024
EXPIRATION DATE
06/10/2024
WEBSITE
indigoit.com
HEADQUARTERS
RESTON, VA
SIZE
50 - 100
FOUNDED
2001
CEO
DENISE GARCIA VAN WYNGAARDT
REVENUE
$10M - $50M
INDUSTRY
Business Services
Related Companies
Show more
The job skills required for ISSO include Information Security, Analysis, Risk Management, Cybersecurity, CISSP, Initiative, etc. Having related job skills and expertise will give you an advantage when applying to be an ISSO. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by ISSO. Select any job title you are interested in and start to search job requirements.
For the skill of Information Security
US United States Army Futures Command
Full Time
$81k-104k (estimate)
5 Days Ago
For the skill of Risk Management
US Defense Information Systems Agency
Full Time
$131k-175k (estimate)
5 Days Ago
Show more
The following is the career advancement route for ISSO positions, which can be used as a reference in future career path planning. As an ISSO, it can be promoted into senior positions as an Information Security Analyst IV that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary ISSO. You can explore the career advancement for an ISSO below and select your interested title to get hiring information.
Similar Jobs
Popular Articles
Top 10 Things to Avoid Putting on a Job Application
Read Article
How to Describe Your Education in a Resume
Read Article
How to Write a Memorable Cover Letter in 5 Ways
Read Article
4 Personal Finance Tips to Make During Job Transition
Read Article
4 Best Camera Setups for Interview
Read Article
Keeping a Job Search Journal: 9 Types of Journaling You Can Do
Read Article
