Job Information
KeenLogic Senior Information System Security Officer in Arlington, Virginia
KeenLogic is seeking to hire a Senior Information System Security Officer (ISSO) to join our team at the Drug Enforcement Administration. The ISSO will serve primarily on the Cybersecurity Service Security Team. This role ensures the appropriate operational security posture is maintained for information systems or programs. The ISSO also serves as the principal advisor to the Authorizing Official and Information System Owner on all matters involving the security of the information system.
This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance, and monthly reimbursement for travel. This position follows a 3x2 schedule, 3 days a week onsite and 2 days of remote work. Core work hours are 9:00am-2:30pm, with core start times between 6:00-9:00am.
Required Qualifications:
Active Secret clearance
Must be eligible for Top-Secret clearance
Master’s degree from an accredited college or university or equivalent (documented formal training) in Computer Science, Information Systems Analysis, Science/Technology, Information Management, Information Technology, Computer Engineering
Minimum 8 years of experience performing any combination of Information SPAA, cybersecurity, system administration, or engineering
Minimum 10 years of experience as ISSO, security analyst, or security engineer
Minimum 10 years of experience with program security responsibilities to include, but not limited to the NIST RMF, audit log reviews, system monitoring, SPAA processes, FISMA requirements, vulnerability & compliance scanning, continuous monitoring activities, security testing and evaluation, and security policies
Minimum 10 years of experience in one or more vertical disciplines such as law enforcement, anti-terrorism, biological science, banking, transportation, or other such disciplines as required to define/establish the functional or business direction of an enterprise, agency, or inter-agency requirement
Job Duties:
Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy
Management of emerging and defined risks associated with the administration and use of assigned information systems
Coordination with the client’s Cybersecurity Unit to achieve and maintain the information systems’ compliance and authorization to operate (ATO)
Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package
Performing annual assessments to ensure compliance with the client’s policies and standards
Serve as a member of the Configuration Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented
Ensuring information system security requirement are addressed during all phases of information systems lifecycle
Establishing audit trails, ensuring their review, and making them available while retaining audit logs in accordance with DOJ and component policies
Generate and interpret documentation needed to address the items detailed within the CSAM
Work within a team environment to provide technically sound guidance in order to adhere to the cybersecurity industry best practices and the client’s monitoring strategy
Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required
Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy
Support the integration/testing, operations, and maintenance of systems security
Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions
Aligns business processes and information technology strategy with the conditions and circumstances of the functional environment and establishes effective performance measures
Contributes to the definition and implementation of planning processes and/or systems at the enterprise level including both strategic and operational activities
Provides system operation support, administers hardware and software inventory
Preferred Qualifications:
A+, Network+, Security+, SSCP, and/or CCNA certifications
2 years of experience supporting validated desktop, server, network, systems administration, troubleshooting, implementation security requirements in Microsoft Windows 10, OS imaging, installation, configuring, and support & troubleshooting
Familiarity with Splunk, Tenable.sc, and/or other system monitoring tools
General knowledge of networking technologies such as TCP/IP ports, protocols, and services, switching, and routing
Familiarity with security hardening guides & tools (DISA STIGs/SCAP)
Willingness to learn innovative technologies & take on new projects to grow experience
Ability to remain calm and composed under pressure in a high energy, fast paced environment
Adaptability to changing business needs
Comfort working with minimal daily supervision
Ability to balance multiple priorities
Working knowledge of Microsoft Office programs
Any combination of certifications such as: CISM, CISA, CSSP, Microsoft’s MCSE, or Cisco’s CCNA, CCDA, or CCNP
Cloud experience dealing with Cloud Architectures/Platforms and applications
Certs such as:
AWS Solutions Architect - (Associate/Professional)
DevSecOps Engineer - (Associate/Professional)
AWS Machine Learning - (Specialty)
AWS Cloud Practitioner - (Foundational)
AWS Security (Specialty)
Azure Solutions Architect
Azure Certified Security or Network Engineer (Associate)
Azure AI fundamentals
Azure Data Fundamentals
Azure Data Scientist or Engineer Associate
Azure DevSecOps Engineer Expert
Powered by JazzHR