Senior Security ISSO

Govcio LLC

1d•Hybrid

About The Position

GovCIO is currently hiring a Senior Security ISSO with an active Secret clearance to oversee IT security, risk assessments, compliance, and network documentation. This position will be located in Arlington, VA and will be a hybrid position. GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Requirements

High School with 10+ years IT security programs, risk management, and network compliance (or commensurate experience)
Active Secret clearance with ability to obtain and hold DEA suitability

Responsibilities

Plan and coordinate IT security programs and policies.
Manage and control system changes, assessing the security impact of related changes.
Provide security testing for code changes/development, and prepare/review documentation, including System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Provide Subject Matter Expertise (SME) for disaster recovery (DR) contingency plans (ISCP).
Write expert IT Security evaluations of audit findings.
Assist with creating, updating, and closing all Plans of Action and Milestones (POAMs), and develop security.
guidelines and processes for new and existing DEA networks as needed.
Provide IT Security analysis by reviewing all System Change Requests (SCRs), reviewing vulnerability scan reports, and working with technical SMEs to develop and track plans to remediate findings.
Apply knowledge of NIST Publications 800-53, 800-37, 800-34, 800-60, and other relevant security guides.
Review, Assessment, and Evidencing of NIST security controls for both unclassified and classified environments.
Demonstrate knowledge of DISA/STIGs, their application, and review.