Job#: 1306501

Job Description:

If interested please email an updated resume to Sara Valle at svalle@apexsystems.com

Position: Security Impact Assessment/ISSO

Clearance: Must hold active DoD Top Secret clearance and previously held SCI

Shift Hours: Dayshift; core support hours are 0600 -1800

Location: Pentagon- on-site M-F

Duration: Long Term Contract

Overview: Seeking experienced Information System Security Officer (ISSO) to support the A&A team with performing Security Impact Assessment on all Information Systems and software being introduced to the network.

Roles and Responsibilities:

• Manage multiple System Impact Assessments assigned to the team through various projects, working directly with the system owners and the Project Managers to ensure the software or systems have gone through all Information Assurance checks and the required documentation and artifacts have been completed and presented to the team.
• Run and review ACAS scans, SCAP scans and manually validating STIG checklists.
• Analyze vulnerability scans, SCAP scans, and STIG checklists results to determine critical vulnerabilities that are still open and need to be remediated before approving the SIA.
• Using Analysis results, work with the system owners to determine if open vulnerabilities can be closed, mitigated or if a POAM needs to be submitted to give the system owner time to work on remediation efforts.
• Consider and identify impacts as well as consideration of existing risk mitigation strategies and work with the system POC to either close the vulnerability or mitigate the vulnerability using know mitigation strategies.
• Provide recommendations to system owners on remediation steps based on DoD and AF guidance and directives.
• Review and update network diagrams, submit firewall change requests.
• Validate system Hardware/Software
• Complete security control validation and self-assessment of a system or network to address known threats and vulnerabilities.
• Run pre and post MKRunTest software evaluation scans and analyze the results to determine if the software presents any new vulnerabilities that need to be remediated.
• Create SIA memorandums and supporting documentation.
• Create and maintain Standard Operating Procedures (SOP) and Work Instructions (WI)
• Creation and tracking of Plans of Actions & Milestones (POA&Ms) for all System Impact Assessments through the lifecycle of the project.
• Present System changes to the Configuration Management Board (CMB)

Basic Qualifications

• Bachelor's degree in Information Security, Information Systems, or related discipline and 8+ years of direct experience; or Master’s degree and 6+ years of experience. Additional relevant/specialized training and experience may be substituted in lieu of degree.
• Possess a current DoD 8570 compliant certification for IAT Level II, e.g. Security + w/CE prior to start.
• Experience with Nessus scanning and reading vulnerability details from tool
• Understanding and experience of validation of Security Technical Implementation Guides (STIGs) for all products
• System administration background
• Strong written communication skills to coordinate issues and concerns with team
• Experience with Command Cyber Readiness Inspection (CCRI) scoring
• Strong analytical and problem-solving skills
• Ability to work effectively independently as well as within a team environment.
• Expert in evaluating security controls and compliance on a variety of hardware and software systems.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystems.com or 844-463-6178.

Employee Type:
Contract

Location:
Washington, VA, US

Job Type:
Infrastructure and Security

Date Posted:
October 26, 2022