Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.

A

Sr. ISSO/Security Specialist

anavationllc · 30+ days ago

Washington, DC

$112k+
Estimation

Full-time

Continue

By pressing the button above, you agree to our Terms and Privacy Policy, and agree to receive email job alerts. You can unsubscribe anytime.

Be Challenged and Make a Difference

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

Description of Task to be Performed:

AnaVation is seeking a Sr. ISSO/Security Specialist for our mission critical customer in Washington, DC. You will work as part of a fantastic team providing security expertise on high priority projects. Daily duties include, but are not limited to:

· Leading agency’s risk assessment program, performing internal audits, and building streamlined assessment processes.

· Having in depth security knowledge and experience in managing the security of a system’s accreditation boundary.

· Focusing on the enterprise governance and risk of exposure across a multi-cloud and on-premise environment that will include multiple vendors, customers and XaaS products.

· Evaluating agency’s current system infrastructure and recommending changes to improve its security posture.

· Providing customer support for security compliance and audit liaison activities.

· Developing, maintaining, and assessing Security Assessment & Authorization (SA&A) packages resulting in an authority to operate (ATO) for IT systems.

· Creating and maintaining SSPs and supporting documentation in accordance with agency guidelines and directives. This includes writing implementation statements, creating supporting documentation (e.g., Contingency Plans, Incident Response Plans, Account Management Plans, etc.), and performing self-assessments, while working with system stakeholders.

· Develop, coordinate, test, and train personnel on Incident Response Plans and Contingency Plans.

· Ensuring that information systems are accredited, maintain their ATO, and are being continuously monitored.

· Performing risk assessments for government systems, to include cloud-based systems.

· Performing security control assessments to include collecting supporting artifacts/evidence and interviewing system owner/owner representatives.

· Maintaining and tracking system POA&Ms.

· Reviewing and analyzing government policy.

· Taking ownership on various projects.

· Improving on processes and procedures and making recommendations to improve the security posture of the agency's IT systems and applications.

This position is currently hybrid (2 days per week on site at the customer location in DC) but is subject to change at the customer’s direction.

Required Qualifications:

6+ years’ experience with NIST, FISMA, and Security Assessment & Authorization.
FedRAMP and Cloud experience (e.g., Azure, AWS, Oracle (OCI))
Knowledgeable on various security-related NIST publications (e.g., SP 800-53r5, SP 800-53A, SP 800-18r1, etc.)
An in-depth knowledge of the Risk Management Framework (RMF).
Ability to obtain and maintain a customer Public Trust clearance required. Qualified candidates can be sponsored for this clearance.
Certifications: CISSP required

Preferred Qualifications:

Desirable Qualifications (Education/Certificates, Experience, Physical, etc.):
Familiarity with the security control families from the NIST guidance covered by the documents that they are responsible for evaluating.
Ability to provide subject matter expert-level knowledge to the project team to ensure compliance with applicable requirements.
Demonstrated knowledge of IT Security policy implementation statements, the regulatory structure of policy, the role of the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and the National Institute of Standards and Technology (NIST).
Hands-on experience using a Governance, Risk, and Compliance tool, such as CSAM or eMASS.
Ability to conduct gap analysis on non-federated vendor audit results, such as SOC Type 2, HIPAA comparison review and analyze against NIST SP 800-53 Revision 5 security controls.
Hands-on experience providing C-Level presentation and reporting.
Excellent written communication skills and understand the purpose and use of the System Security Plan (SSP).
Possess an understanding of control inheritance as applied to the RMF implementation in the CSAM tool.
Ability to accurately manage complex workstreams, comprehend the application of the RMF, and understand the application of security controls across the interface, application, operating system, network, and database layers of modern information systems.
Understand the applicable artifacts used as evidence to assess compliance.
Experience with multiple tools providing security functions such as vulnerability management (e.g., Nessus), configuration management (e.g., BigFix, SCCM, ePO), endpoint protection (e.g., antivirus, ATP), data loss prevention, and intrusion detection software and hardware.
Ability to evaluate data flows, network diagrams, and logical security boundaries.
Excellent oral and written communication skills
Familiarity with the use of data analysis tools, including the use of Microsoft Excel or PowerBI to combine data from multiple sources.

Benefits

· Generous cost sharing for medical insurance for the employee and dependents

· 100% company paid dental insurance for employees and dependents

· 100% company paid long-term and short term disability insurance

· 100% company paid vision insurance for employees and dependents

· 401k plan with generous match and 100% immediate vesting

· Competitive Pay

· Generous paid leave and holiday package

· Tuition and training reimbursement

· Life and AD&D Insurance

About AnaVation

AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team.

If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you!

•

Last updated on Sep 17, 2024

About the company

A

anavationllc

More jobs at anavationllc

Analyzing

Lead Systems Engineer/Architect

Reston, Virginia

·

30+ days ago

Lead Network Lab Engineer

Reston, Virginia

·

30+ days ago

Junior CNO Developer

Chantilly, Virginia

·

30+ days ago

Junior Vulnerability Researcher

Chantilly, Virginia

·

30+ days ago

Principal CNO Developer

Chantilly, Virginia

·

30+ days ago

More jobs like this

Analyzing

Multifamily Underwriting Associate (Freddie Mac)$66k+

R

rajdnwiu7c8r934thp9x1p3cy8m5bv00f9sctvg8eqkxizduzvwvbmtwwys93l1z

Dallas, Texas

·

30+ days ago

Global Process Risk & Compliance Analyst$89k+

R

rsjdnwc9jel4i3xyjsm3m8vnhrmayk037bphn44zg3i1bl3dcjtqhqlclsisinpr

Raleigh, North Carolina

·

30+ days ago

Long Term Care Insurance Specialist$75k+

G

gnwfin

Seattle, Washington

·

30+ days ago

Margin Collateral Valuations Analyst$97k+

6

6824

Jersey City, New Jersey

·

30+ days ago

Fraud Analyst$15+ / hour

7

7646

Chicago, Illinois

·

30+ days ago

Senior Coordinator, Cyber Security Controls$131k+

P

pierce

New York, New York

·

30+ days ago

Senior Finance Analyst$88k+

R

rivian

Livonia, Michigan

·

30+ days ago

Risk Management Analyst$97k+

G

global-channel-management-inc

Plainfield, New Jersey

·

30+ days ago

Ecommerce Data Analyst$91k+

F

fvjdnwvwi7yecmymd9si3it1ointo80348emvd7mgqh749rpbe3n811jnfkeb228

Boston, Massachusetts

·

30+ days ago

Fraud Operations Analyst$83k+

C

csjdnws57zkoxkvjhwvudtxno118x6039fx1e6pll7vuv3kg6vefadt7v2wpuykf

Youngstown, Ohio

·

30+ days ago

For job seekers

Job searchSearch millions of jobs

LaunchpadNew

Resume to business

Cover Letter StudioGenerate a cover letter

Add to ChatGPTFind and discuss jobs

For employers and recruiters

Resume ScreenerOrganize and rank candidates

Talent PipelinePre-order

Source top talent

Promote a jobReach more candidates

For everyone

Referral programEarn 30% commission

Get mobile appBrowse anywhere

Jobs API

Become a partner

Developed by Blake and Linh in the US and Vietnam.

We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord

Changelog

🚀 LaunchpadNov 27

Create a site and sell services based on your resume.

🔥 Job search dashboardNov 13

Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.

🫡 Cover letter instructionsSep 27

New Studio settings give you control over AI output.

✨ Cover Letter StudioAug 9

Automatically generate cover letters for any job.

🎯 Suggested filtersAug 6

Copilot suggests additional filters above the results.

⚡️ Quick applicationsAug 2

Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.

🧠 Job AnalysisJul 12

Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.