Security Staff conducting access and entrance controls while ensuring safety and quality standards. The role includes reporting incidents and taking immediate measures on - site.
About the role
- Information System Security Officer responsible for maintaining FISMA systems security for Federal agencies. Overseeing security assessments and collaborating with technical teams in Washington D.C.
Responsibilities
- Ensure the assigned FISMA systems maintain their ATO through independent security assessment and authorization;
- The ISSO shall have oversight responsibility to ensure proper access controls have been implemented and managed;
- ISSO shall ensure audit logs are reviewed at an agreed upon frequency, where the frequency may increase if warranted by incident or situational awareness.
- When reviewing logs, some events will require follow-up inquiries to determine if a problem exists, whether corrective action is required, or if there is another explanation.
- Be responsible for conducting assessments of controls for their system to ensure the controls have been implemented properly and are still effective where the risk posture is documented in a system risk assessment report.
- Ensure documents provided to auditors are what was requested and approved for release. Documents provided to auditors should be properly labeled so that the auditor is aware if they contain sensitive information.
- Ensure that new vulnerabilities are evaluated by the respective subject matter expert and corrective action implemented.
- Follow agreed on procedures when providing documents;
- Collaborate with the Security Engineer in conducting security impact assessments on change to their respective FISMA systems.
- Collaborate with the Security Operations Center in reviewing vulnerability and compliance scan results at an agreed upon frequency. Any findings in the scan results are to be tracked as a corrective action plan and managed in CSAM as a POAM.
Requirements
- Strong working knowledge and familiarity with NIST publications and privacy frameworks.
- Demonstrated understanding of cloud service models, hybrid models, financial applications, and mobile security technologies and tools.
- Demonstrated experience supporting an industry risk management tool executing A&A activities.
- Ability to identify and assess risks and recommend appropriate remediation strategies.
- Must be well-organized and detail-oriented with the ability to coordinate, prioritize multiple tasks, and be adaptable to change to accomplish assignments.
- Ability to work independently and with teams.
- Professional and polished interpersonal and communication skills.
- Proficient with Microsoft Office to include Outlook, Word, PowerPoint, and Excel.
Benefits
- Paid parental leave
- Flexible time off
- Certification and training reimbursement
- Digital mental health and wellbeing support memberships
- Comprehensive insurance options
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Senior Engineer responsible for overseeing data protection and implementing cybersecurity technologies. Collaborating on complex IT projects across various platforms.
Intern supporting IT operations at Amynta Group focused on cybersecurity. Engaging in monitoring, vulnerability management, and compliance activities in a dynamic environment.
Security Guard ensuring safety and security at SpiriTrust Lutheran's facilities in Shrewsbury, PA. Monitoring premises and responding to alarms, ensuring the well - being of residents and staff.
Cybersecurity Engineer at BECU securing enterprise infrastructure and managing multiple cybersecurity solutions. Collaborating on network security, incident response, and implementing security best practices.
SAP Security Consultant focusing on role design and implementation for S/4HANA and ERP systems. Engaging in testing, workshops, and supporting SAP authorizations.
Security & Emergency Management Manager overseeing site security, life safety, and emergency management systems at Hyundai. Engaging in corporate - level program deployment and operational oversight across multiple locations.
Security personnel for A PaRK International School in Lisbon, responsible for ensuring efficient access control and emergency response. Maintaining safety regulations and assisting students and visitors.
Ausbildung zur Fachkraft für Schutz und Sicherheit bei QVC Deutschland. Schütze Menschen, Werte und Prozesse in einem internationalen Umfeld.
Security Engineer enhancing security platform and controls at TMGM, an expanding CFD and Forex broker. Collaborate with teams to improve security measures in cloud and on - premises environments.