Job Title: Lead, Cyber Intelligence (ISSO)

Job Code: 20061

Job Location: Sterling, VA

Job Description:

We are seeking an experienced Information System Security Officer (ISSO) to support the Information System Security Manager (ISSM) in securing government-authorized systems. The ISSO will be responsible for creating and maintaining documentation related to the Assessment & Authorization (A&A) process, ensuring compliance with the Risk Management Framework (RMF), ICD 503, and NISPOM standards. Key duties include conducting security control assessments as part of the Continuous Monitoring Plan, overseeing configuration management, and collaborating on the development and implementation of system hardening guides based on DISA and NIST guidelines. The ISSO will audit systems to maintain security posture, conduct hardware/software inventory assessments, identify deficiencies in security controls, develop Plans of Actions and Milestones (POA&Ms), and manage remediation efforts. Additionally, the role involves conducting annual self-assessments, investigating security incidents such as data spills and malicious events, and providing security education and training to various audiences. Overall, the ISSO will ensure the ongoing operational security of assigned systems, mitigate risks, and contribute to maintaining a secure information environment.

Essential Functions: 

• Author and maintain Assessment & Authorization (A&A) documentation of assigned systems.
• Perform security control assessments and execute Continuous Monitoring Plans.
• Work with IT and system administration organizations to develop device and system hardening guides following DISA and NIST guidelines.
• Maintain patching compliance along with hardware and software baselines.
• Responsible for customer interface in the tracking and resolution of POA&Ms.
• Ensure all systems are comprehensively monitored for anomalous activity.
• Manage the incident response process for areas of responsibility.
• Develop new concepts, standards, and training material which make significant and impactful improvements to processes, systems, solutions, or products.
• Lead inventory and asset management discovery and tracking activities.
• Work with site leadership to improve the security posture of systems and the facility.
• Perform vulnerability, compliance, and network mapping scans on information systems and work with system administrators to address vulnerabilities.

Qualifications:

• Bachelor’s Degree and minimum 9 years of prior relevant experience. Graduate Degree and a minimum of 7 years of prior related experience. In lieu of a degree, minimum of 13 years of prior related experience.
• Minimum 8 years of prior relevant experience to include experience with networking equipment; experience interpreting vulnerability scanning results (e.g. Nessus, Rapid7, etc.); experience reviewing workstation, server, firewall, & IPS logs; experience with SIEM tools.
• Active Top Secret//SCI security clearance with CI Polygraph.
• DoD 8570.01-M IAM II certification.
• Experience as an ISSO managing cybersecurity on classified systems under multiple agencies’ JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53 implementations.
• Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes.
• Experience with workstation and server operating systems, including but not limited to Microsoft and Linux offerings.
• Experience conducting scans with tools such as Tenable Nessus, Rapid7 Nexpose, and Nmap within various operating system environments (i.e., Windows and Linux).

• Experience with project management and collaboration applications including Jira and Confluence.

• Be able to work independently with minimal oversight.

Preferred Additional Skills:

• DoD 8570.01-M IAT III certification.
• Willingness to submit to a Lifestyle (FS) polygraph.
• Flexibility to adjust to changing requirements, schedules, and priorities.
• Able to socialize ideas, make recommendations, and gain team consensus.
• Excellent time management and task prioritization skills.
• Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates.
• High level of personal motivation and initiative to learn and acquire new skills.

#LI-FS1