Information Systems Security Officer with Security Clearance

Job Summary: We here at Apriva ISS is looking for an Information Systems Security Officer to support our customer located in Quantico, VA. This is a full-time, 100% on-site role, with the potential for limited travel as needed. The Information Systems Security Officer (ISSO) will be responsible for ensuring the policies for governance around security, integrity, and compliance of an Apriva ISS Customer's CSfC Gateway infrastructure, data centers, and end points are enforced. This role will assist in supporting our existing Network, Systems, and Security Engineers in the proper maintaining & implementing security controls within a CSfC Gateway solution. This role will be customer facing and embedded within the Client's secure location, so a professional approach to communication, organizational policy, operational security, and incident response is paramount. Primary Duties/Responsibilities:
• Develop, implement, and maintain security policies, procedures, and system documentation.

• Conduct risk assessments, vulnerability management assessments, and security audits.

• Develop and oversee mitigation strategies for the information systems, and enforce security best practices for data center, enterprise infrastructure, and client endpoints.

• Collaborate with IT/Security engineering teams to implement and validate security controls, against the customer's define internal security posture and the NSA's various CSfC compliance annexes.

• Create and define policy and standards for documenting Systems Security Plans, Risk Assessment Reports, Incident Response Plans, and assist in Systems Accreditation & Certifications packages. Required Qualifications/Skills:

• A Bachelor's degree in Cybersecurity, Data Science, Information Systems Management, or equivalent related technical experience is required.

• 5 - 10 Years of experience in Cybersecurity, Network Security, Security Engineering is required.

• An active Federal TOP SECRET Security Clearance with SCI eligibility, and ability to take and pass CI Polygraph is required.

• Current Active DoD 8140 Information Assurance Qualifying Cyber Security Certification (Sec+, CySA+, SSCP, etc.) or ability to obtain within 6 months of employment is required.

• Direct hands-on experience eMass, XACTA, or other comparable compliance tracking platforms is required.

• Direct experience in ensuring compliance with the NIST Risk Management Framework (RMF) 800-37 Rev 2 for support of the customers Assessment & Authorization (A&A) process and lifecycle.

• A solid knowledge base on: Identity & Access Management practices, Public Key Infrastructure, network & security architecture, and continuous monitoring tools is required

• Excellent communication (both written and verbal) and organizational skills are required
Preferred Qualifications/Skills:

• Additional Professional Cybersecurity or IT Security certification such as: CISM, CISSP, GCLC, etc. are preferred.

• Previous experience or knowledge of the National Security Agency's (NSA) CSfC program, requirements, constraints, and architectures is a plus.

• Working hands-on experience in SOC operations and Incident Response best practices is a plus.

• A strong working knowledge of the security & privacy controls described in NIST SP 800-53 is a plus.

• Experience with SIEM, IDS/IDP, and EDR solutions and tools is a plus. PHYSICAL DEMANDS:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individuals may need to sit or stand as needed for long periods of time throughout the day. The candidate must be able to lift 50 pounds. WORK ENVIRONMENT:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
For a large percentage of the work week, it will be ambient room temperatures, lighting and traditional office equipment as found in a typical business office environment. There is also work in a typical data center environment. APRIVA IS AN AFFIRMATIVE ACTION/EQUAL OPPORTUNITY EMPLOYER