Information Systems Security Officer (ISSO)

ManTech International Corporation
Job Location: US Remote
Job Tag: Full Time

Description:

We are seeking a skilled and dedicated professional to join our organization as a Journeyman-level Information Systems Security Officer (ISSO) within the CISA/Department of Homeland Security (DHS). As an ISSO, you will play a vital role in securing our information systems and ensuring compliance with CISA/DHS policies and guidelines. You will collaborate with stakeholders and security teams to proactively identify and mitigate cyber threats, safeguarding sensitive data and critical infrastructure in support of the Department’s mission.

Responsibilities:

  • Support the preparation of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, risk assessment reports, and other necessary artifacts.
  • Coordinate with stakeholders to ensure ATO package documentation aligns with industry best practices, NIST guidelines, and agency-specific requirements.
  • Assist in conducting internal reviews and assessments to ensure ATO package documentation accurately reflects the current security posture and controls in place.
  • Develop and implement comprehensive information security policies, procedures, and guidelines, aligned with DHS directives and controls, to protect our organization’s information systems and assets.
  • Conduct regular risk assessments and vulnerability scans to identify potential cyber threats and vulnerabilities and develop robust risk mitigation strategies in accordance with DHS guidelines.
  • Monitor security logs, analyze security incidents, and lead incident response efforts to minimize disruption and ensure effective resolution, adhering to CISA/DHS incident response protocols.
  • Manage the implementation and maintenance of secure configurations for all systems and networks, collaborating with system administrators, network engineers, and other IT teams while following DHS security standards.
  • Perform security assessments and audits of technology infrastructure, systems, and applications to ensure compliance with DHS regulations, standards, and frameworks (e.g., NIST, FISMA).
  • Stay updated on emerging cybersecurity threats, trends, and technologies, specifically those relevant to CISA/DHS missions, and develop strategies and approaches to mitigate risks effectively.
  • Collaborate with stakeholders to identify security requirements for new projects, systems, and applications, ensuring alignment with DHS security guidelines and best practices.
  • Lead and participate in security incident response activities, including containment, investigation, remediation, and reporting, adhering to CISA/DHS incident handling procedures.
  • Support the development and maintenance of documentation, including security policies, procedures, guidelines, and incident response plans compliant with CISA/DHS directives and requirements.

Qualifications:

  • Bachelor’s degree in information security, computer science, or a related field.
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or GIAC certifications are highly desirable.
  • Minimum of 3-5 years of experience in information security, with a focus on managing and implementing information security programs within a CISA/DHS environment.
  • Experience supporting the preparation and maintenance of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, and other necessary artifacts.
  • Experience performing security assessments, vulnerability assessments, and penetration testing within a complex enterprise environment.
  • Familiarity with security control frameworks and standards, such as NIST SP 800-53, FIPS 199, and NIST SP 800-37.
  • Knowledge of ATO processes, NIST guidelines, and industry best practices related to system security plans, security assessments, and ATO package preparation.
  • In-depth knowledge of DHS information security frameworks, regulations, and standards, such as NIST, Federal Information Security Modernization Act (FISMA), and the Cybersecurity and Infrastructure Security Agency (CISA) guidance.
  • Strong expertise in conducting risk assessments, vulnerability management, and incident response specifically applicable to DHS missions.
  • Proficiency in performing security audits, identifying security gaps within the context of the CISA/DHS threat landscape, and implementing appropriate mitigations.
  • Extensive experience in managing and configuring security technologies aligned with DHS requirements, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus solutions, and security information and event management (SIEM) tools.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate and communicate complex security concepts to technical and non-technical stakeholders within a DHS context.
  • Strong analytical and problem-solving abilities, with a proactive approach to identifying and addressing security risks and vulnerabilities specific to DHS operations.
  • Up-to-date knowledge of the latest cybersecurity threats, trends, and evolving technologies pertinent to DHS missions.
  • Additional Skills
    • JIRA experience
    • MS SQL
  • Security/Clearance Requirements
    • Must be a US citizen and pass a background investigation.
    • Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)
  • Physical Requirements
    • Office work, typically sedentary with some movement around the office