Position Title: ISSO
Location: Washington, DC
Industry: Government Contracting
ISSO Position Summary:
Our client is seeking a talented ISSO to join their team. This position will support the Assistant Secretary for Administration (ASA) under guidance from the CIO's Information System Security Manager (ISSM). The candidate will ensure a portfolio of 4 systems are in compliance with applicable NIST standards, and provide standard ISSO services. The candidate will also work closely with the other ISSOs supporting the client customers to provide leadership and mentoring and ensure consistent delivery of ISSO services.
ISSO Key Responsibilities:
· Ensure applicable cybersecurity policies are implemented for systems and information system-related physical security also under purview.
· Maintain operational security posture consistent with current security policy.
· Report actual or suspected computer-security incidents to DOT CSIRC within time frames established by DOT Incident Response policy for incident types in accordance with US-CERT.
· Distribute cybersecurity notices and advisories to appropriate personnel and that vendor-issued security patches are expeditiously installed.
· Serve as primary security to system owners, common control providers, and users.
· Serve as focal point for cybersecurity incident reporting and subsequent resolution.
· Assisting ISSM in reviewing contracts for information systems under the Component's control to ensure that cybersecurity is appropriately addressed in contract language.
· Ensure all security-related SDLC documentation meets all identified security needs.
· Maintain Security Assessment and Authorization (SA&A) documentation for information systems under purview according to DoT Cybersecurity Policy and Compendium.
· Ensure selection of NIST SP 800-53 baseline security controls are appropriate for system based on FIPS 199 security categorization, NIST SP 800-53 guidance, and supplemental DOT policy specified in DoT Cybersecurity Compendium.
· Assist System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in POA&Ms IAW DoT policy and procedures.
· Track all security education and awareness training conducted for personnel and contractors, as required by DoT Cybersecurity Policy and Compendium.
· Provide security advice to AO and System Owner on all matters (technical and otherwise) involving security of the information system.
· Ensure required updates are performed to key documents in accordance with NIST SP 800-37 for continuous monitoring.
· Identify changes to systems that may impact security controls, perform security impact assessment of proposed changes, report any change in risk posture, and provide recommendations for risk mitigation.
· Ensure proper backup procedures exist for assigned information systems and that procedures are performed and tested in accordance with System Security Plan.
· Assist System Owner and ISSM to ensure external connections to/from DoT information systems and networks are provided by an approved DoT Trusted Internet Connection Access Provider (TICAP) or DoT-approved Managed TIC Provider Service (MTIPS).
· Ensure audit logs are captured, maintained, and analyzed as required by NIST SP 800- 53 and any supplemental Departmental Cybersecurity Policy and the Compendium.
· Ensure DoT enterprise information security management system (CSAM or its successors) accurately contains required information system inventory, categorization, POA&Ms and other security metrics required by DoT CIO through this policy.
· Complete mandatory annual specialized information security training.
ISSO Compensation and benefits: $120,000
Company-supported medical, dental, vision, life, STD, and LTD insurance
Benefits include 10 federal holidays and PTO.
401(k) with company matching
Flexible Spending Accounts for commuter, medical, and dependent care expenses
Tuition Assistance
Providence Medical Groups premier OB/GYN Health Center, is seeking a board-certified/board... ...medical education, relocation assistance available, starting bonus As a non-profit... ...Medical Group is an organization of employed physicians, with more than 90 clinics across the...
...Titan Florida, LLC has an immediate opening for an Electrical Maintenance Engineer for our Pennsuco Cement Plant in Medley, FL. This... ...lifecycle analysis on electrical and control system equipment and generate EOL/obsolescence plans. Provide technical support to...
...strategic shift toward automation and data-driven People Operations . We are seeking a motivated and detail-oriented Entry-Level HRIS Analyst to support this transformation by... ...Systems, or related field (or equivalent experience). Familiarity with Microsoft Office...
...We are seeking a Production Supervisor at our Sheboygan, WI Facility. The Supervisor will utilize leadership, operations experience, and communication to identify and drive improvement opportunities related to people, process, and systems. The ideal candidate will...
...excellence. The Hospitality team specializes in Hotel Partnerships across the country and... ...of the Position: The Hotel Valet Manager supports Regional Management with... ...Knowledge of Excel, Word, Power Point and General Microsoft Office Applications. Skills...