Information Systems Security Officer, Senior Principal
Location: Warrenton, VA
Clearance Required: Must be a U.S. Citizen and possess a current and active TS/SCI clearance granted by the Department of Defense or an Intelligence Community agency.
Background:
Assured Consulting Solutions provides strategic and innovative solutions for customer needs across the business, technology, and organizational spectrum. As a member of our team, you will have the chance to work with customers that are both Government and industry leaders and technology innovators.
We are seeking a motivated and customer-oriented Information Systems Security Officer, Senior Principal to join our team in the Warrenton, VA area to provide outstanding support to our customer and begin an exciting and rewarding career within ACS. As an Information Systems Security Officer, Senior Principal, you will serve as the subject matter expert with a focus on cybersecurity risk management and governance, including the integration of cyber disciplines, such as mission assurance and supply chain risk management. You will work closely with the Cybersecurity Manager, Information Systems Security Engineers, and Systems/Network Engineers to ensure approaches, constraints, and perspectives are fully recommended and considered in risk management and policy decisions.
Responsibilities include, but are not limited to:
• Analyze the development of strategy, policy, governance, and implementation guidance recommendations to more closely integrate cybersecurity disciplines to enable a holistic risk management approach.
• Perform Risk Management Framework (RMF) Assessment and Authorization (A&A) responsibilities. Develop the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements.
• Evaluate test results, analyze risk, and develop security assessment documentation to support accreditation decisions.
• Create a risk mitigation strategy and ensure security configurations are maintained in accordance with DoD mandated policies.
• Interpret RMF guidance from Authorizing Officials for clients and provide information and input for the preparation of accreditation packages.
• Assess the applicability of emergent vulnerabilities to individual systems and technologies.
• Lead the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF.
• Complete Security Authorization packages, to include system security plans, security assessment reports, POA&M summaries and a continuous monitoring plan/assessment schedule, and present executive briefing to senior management.
• Ensure security risk assessments are conducted as appropriate on any system upgrades, software/hardware changes, etc.
• Ensure security authorization boundaries are properly defined and captured in the system security plans, and that all interconnection agreements are in place and current.
• Ensure system security authorization controls contain accurate implementation statements and assessment results, and that appropriate artifacts are completed to support findings. Provide hands-on assistance as appropriate.
• Ensures POA&Ms have appropriate milestones, accurate description of the weaknesses and remediation, task owners, estimated cost to completion and realistic due dates. Provide hands-on assistance to Components as necessary.
Required Qualifications:
• Must meet DoD 8570.01-M IAT-II or IAM-I baseline certification requirements such as Security + or equivalent
• Experience with Microsoft Office applications such as Excel, Word, and Outlook.
• Experience with eMASS, Exacta, and SCAP.
• Excellent written and communication skills.
• Experience in developing cybersecurity or IT policy and guidance.
• Experience with developing IT policy, guidance, or procedure documentation supporting cybersecurity accreditations.
• Experience with analyzing, assessing, or implementing NIST SP 800-53 security controls, CCIs, and associated assessment procedures.
• Experience with developing and presenting complex technical information for technical and non-technical audiences.
• Expert familiarity with RMF.
• Ability to travel up to 25% of the time.
Desired Qualifications:
• Previous supervision and/or participation with cybersecurity Assessment and Authorizations.
• Ability to provide hands-on SOC tools assistance as necessary.
• Familiarity with cybersecurity tool suite; Splunk, ACAS, ForeScout, Avanti (Lumension), and HBSS
Physical Requirements:
• Must be able to remain in a stationary position 50% of the time.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer an other office productivity machinery, such as a calculator, copy machine and computer printer.
• Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
Education Qualifications:
• Bachelor's Degree
Years of Experience:
• 9 to 11 years of directly related experience. 4 years of additional experience required if no bachelor's degree.
Position Type: Full-Time
Shift: Day
Export Control: For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ACS may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
COVID-19 Vaccination Requirement: All ACS employees must be fully vaccinated against COVID-19 by their first day of employment or January 18, 2022, whichever is later. Exceptions to the vaccine mandate will be considered only where legally required. To discuss an exemption for medical reasons or due to a sincerely held religious belief, please contact ACS Human Resources at (703) 662-5062.
Assured Consulting Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Minorities, females, disabled and protected veterans are urged to apply. ACS' utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ACS does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact ACS Human Resources at (703) 662-5062.
[#LI-Onsite / #LI-Remote / #LI-Hybrid] #TSSCI #hotjob
Apply Now
Apply Now
Clearance Required: Must be a U.S. Citizen and possess a current and active TS/SCI clearance granted by the Department of Defense or an Intelligence Community agency.
Background:
Assured Consulting Solutions provides strategic and innovative solutions for customer needs across the business, technology, and organizational spectrum. As a member of our team, you will have the chance to work with customers that are both Government and industry leaders and technology innovators.
We are seeking a motivated and customer-oriented Information Systems Security Officer, Senior Principal to join our team in the Warrenton, VA area to provide outstanding support to our customer and begin an exciting and rewarding career within ACS. As an Information Systems Security Officer, Senior Principal, you will serve as the subject matter expert with a focus on cybersecurity risk management and governance, including the integration of cyber disciplines, such as mission assurance and supply chain risk management. You will work closely with the Cybersecurity Manager, Information Systems Security Engineers, and Systems/Network Engineers to ensure approaches, constraints, and perspectives are fully recommended and considered in risk management and policy decisions.
Responsibilities include, but are not limited to:
• Analyze the development of strategy, policy, governance, and implementation guidance recommendations to more closely integrate cybersecurity disciplines to enable a holistic risk management approach.
• Perform Risk Management Framework (RMF) Assessment and Authorization (A&A) responsibilities. Develop the documentation, validation, and accreditation processes necessary to assure systems meet security and privacy requirements.
• Evaluate test results, analyze risk, and develop security assessment documentation to support accreditation decisions.
• Create a risk mitigation strategy and ensure security configurations are maintained in accordance with DoD mandated policies.
• Interpret RMF guidance from Authorizing Officials for clients and provide information and input for the preparation of accreditation packages.
• Assess the applicability of emergent vulnerabilities to individual systems and technologies.
• Lead the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF.
• Complete Security Authorization packages, to include system security plans, security assessment reports, POA&M summaries and a continuous monitoring plan/assessment schedule, and present executive briefing to senior management.
• Ensure security risk assessments are conducted as appropriate on any system upgrades, software/hardware changes, etc.
• Ensure security authorization boundaries are properly defined and captured in the system security plans, and that all interconnection agreements are in place and current.
• Ensure system security authorization controls contain accurate implementation statements and assessment results, and that appropriate artifacts are completed to support findings. Provide hands-on assistance as appropriate.
• Ensures POA&Ms have appropriate milestones, accurate description of the weaknesses and remediation, task owners, estimated cost to completion and realistic due dates. Provide hands-on assistance to Components as necessary.
Required Qualifications:
• Must meet DoD 8570.01-M IAT-II or IAM-I baseline certification requirements such as Security + or equivalent
• Experience with Microsoft Office applications such as Excel, Word, and Outlook.
• Experience with eMASS, Exacta, and SCAP.
• Excellent written and communication skills.
• Experience in developing cybersecurity or IT policy and guidance.
• Experience with developing IT policy, guidance, or procedure documentation supporting cybersecurity accreditations.
• Experience with analyzing, assessing, or implementing NIST SP 800-53 security controls, CCIs, and associated assessment procedures.
• Experience with developing and presenting complex technical information for technical and non-technical audiences.
• Expert familiarity with RMF.
• Ability to travel up to 25% of the time.
Desired Qualifications:
• Previous supervision and/or participation with cybersecurity Assessment and Authorizations.
• Ability to provide hands-on SOC tools assistance as necessary.
• Familiarity with cybersecurity tool suite; Splunk, ACAS, ForeScout, Avanti (Lumension), and HBSS
Physical Requirements:
• Must be able to remain in a stationary position 50% of the time.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer an other office productivity machinery, such as a calculator, copy machine and computer printer.
• Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.
Education Qualifications:
• Bachelor's Degree
Years of Experience:
• 9 to 11 years of directly related experience. 4 years of additional experience required if no bachelor's degree.
Position Type: Full-Time
Shift: Day
Export Control: For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ACS may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
COVID-19 Vaccination Requirement: All ACS employees must be fully vaccinated against COVID-19 by their first day of employment or January 18, 2022, whichever is later. Exceptions to the vaccine mandate will be considered only where legally required. To discuss an exemption for medical reasons or due to a sincerely held religious belief, please contact ACS Human Resources at (703) 662-5062.
Assured Consulting Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Minorities, females, disabled and protected veterans are urged to apply. ACS' utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ACS does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact ACS Human Resources at (703) 662-5062.
[#LI-Onsite / #LI-Remote / #LI-Hybrid] #TSSCI #hotjob
Apply Now
Apply Now