Information System Security Officer (ISSO) at Tyto Athene, LLC in Suitland, Maryland

Posted in Other 1 day ago.

Type: full-time





Job Description:

Tyto Athene is searching for an ISSO to support a Government Program Management Office in Suitland, MD.

Responsibilities:
  • Provide cybersecurity engineering support as part of the system development life cycle (SDLC). Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment.
  • Apply the cybersecurity risk management framework (RMF) to program information systems in accordance with NIST SP 800-37, DoDI 8510.01, and ICD-503.
  • Implement the RMF life cycle steps to achieve system authorization and operation. Build, maintain, and track system's cybersecurity baselines and security authorization documentation using both eMASS and Xacta enterprise platforms.
  • Provide support to cybersecurity architecture and assessment & authorization (A&A) processes, ultimately leading to Authority to Operate (ATO) decision.
  • Identify and employ cybersecurity best practices for the organization. Create a well-informed plan based on DOD and Navy cybersecurity strategy and manage the adaption process. Incorporate security management into hardware, software, and applications.
  • Assist Government managers with information security oversight, policy analysis, IT product acquisition, and program execution in accordance with NIST SP 800-39 and the DoDI 8500.01.
  • Engage with Program Managers and technical stakeholders to interpret technical requirements, standards/policies, architectural artifacts, budget development, implementation, auditing, program briefs, and continuous monitoring.
  • Perform ACAS scanning, STIG checklist actions, vulnerability assessment/mitigation, implement changes, and review systems to identify potential security weaknesses.
  • Prepare documentation including Plan of Action & Milestones (POA&M), Systems Security Plans (SSP), Risk Assessment Reports (RAR), A&A packages, System Requirements Traceability Matrices (SRTM), Annual Security Reviews (ASR), and Security Assessment Reports (SAR).

Required:
  • Bachelor's Degree in computer science, cyber security, information systems, or other related technical discipline.
  • Six (6) or more years of experience in IT security, including RMF methodology and A&A.
  • Active DoD Cyber Workforce IAT Level II certification as a minimum, with specific course completion or renewal certificate.
  • Exceptional understanding of DOD cybersecurity policies, RMF steps and structure, A&A process, and gaining system authorization to operate (ATO).
  • Some background with Red Hat Enterprise Linux (RHEL) operating system.
  • Ability to operate and execute DISA tools, STIG Viewer, eMASSter, and strong familiarity with eMASS and Xacta functionality.
  • Strong communication skills with all levels of the IT workforce and can translate complex technical topics for senior decision-makers. Prepare/deliver presentations to leadership.

Desired:
  • CISSP, CISA, SSCP, CASP, GSEC, and/or CEH.

Clearance: Active TS clearance with access to SCI as reported in DISS (must have current Tier-5)

Location: Work is located 100% on government site in Suitland, MD
More jobs in Suitland, Maryland

Other
1 day ago

Tyto Athene, LLC
Management
4 days ago

Aquila
More jobs in Other

Other
2 minutes ago

Sterling Pharma Solutions
Other
9 minutes ago

Greenman-Pedersen Inc
Other
9 minutes ago

Federal Express Corporation