A leading federal integrator is looking to hire an Information Security Officer for their Bethesda location. This position is part of the cyber security team, and is responsible for maintaining and improving the security posture for the information systems that support the development and fielding of a variety of US Naval training systems. Candidate will perform at least the following tasks:
Perform regular audits of Information Systems (IS), including review of system audit logs, verification and maintenance of regular backups of the IS, and inventorying of IS components. Ensure that system recovery processes are monitored and tested to ensure that all IS components are able to be restored. Perform patch management of all ISs within the facility. Ensure that each IS's Configuration Management Plan is maintained, audited, and updated regularly.
Maintain System Access Control Management, and audit user accounts on the IS. Ensure that unauthorized personnel are not granted use of, or access to, any IS within the facility.
Assist the Information System Security Manager (ISSM) in the management of ISs, and maintain security posture through entire lifecycle and adherence to the Risk Management Framework. Ensure the implementation of security measures in accordance with the SSP and ISSM's guidance.
Perform periodic Risk Assessments of the Information Systems and identify and document any unique threats to the Information Systems. Develop and perform regular vulnerability and security posture tests of the IS, as required by the Security Control Assessor (SCA) and ISSM.
Assist with the implementation of facility procedures, under the direction of the ISSM, to include media handling, security incident handling, IS User Briefings, and IS security reviews and audits. Assist with the maintenance of the System Security Policy (SSP) and Supplemental SSPs for all information systems within the facility. Assist the ISSM with Plan of Actions & Milestone (POA&M) updates, maintenance, and coordination with the SCA. Perform Security Briefings for personnel on Rules, Responsibilities, and Acceptable Use.
Assist with the evaluation of changes or additions to the IS within the facility, work with the ISSM to determine security relevance, and make recommendations for approval or denial to the ISSM.
Assist the Facility Security Officer (FSO) with periodic inventories.
Provide general technical support to users and general system administrator support.
Education and Years of Experience:
BA/BS degree and a minimum of 4 years relevant experience. Select certifications may be substituted for the education requirement.
Must be 8570.1M/8140 compliant with certifications of Security+ CE or SSCP, CISSP preferred and Server+, or RHCSA or better.
Required Experience and Skills:
Must have past experience with, and demonstrate the skills and capabilities to successfully execute the duties and responsibilities of this position
Must have 4+ years of experience in supporting Red Hat Enterprise Linux Version 6 and 7, and 4+ years of experience in supporting Microsoft Windows in a Domain environment. Linux and Windows experience may be concurrent.
Must have direct experience with maintaining and troubleshooting Dell Hardware, or Supermicro Hardware, or PC hardware, and be familiar with virtualization
Must demonstrate a general commitment to excellence, a dedication to producing quality work results, and an ability to learn and apply new skills.
Must be a flexible, positive and energetic team player, be able to work in a fast paced environment and adapt to changes in tasking, be able to work with minimal supervision, be courteous and professional when interacting with colleagues and customers, demonstrate a solid ability to identify and solve problems, plan and prioritize personal tasking, effectively communicate verbally and in writing, and be able to work successfully in a team environment
Ability to obtain and maintain a Secret Security Clearance
Active Secret Security Clearance highly preferred
Previous ISSO experience
Linux script development
Familiarity with Jira, Confluence, Portfolio, Service Desk, and MS Project