Information System Security Officer (ISSO) at DCCA in aurora, Colorado

Job Description:

DCCA is a veteran-owned, emerging large IT business specializing in providing innovative solutions to a variety of government agencies and commercial enterprises since 1982. DCCA is proud to offer career growth opportunities and a competitive compensation and benefits package. Visit our website at: www.dcca.com

Information System Security Officer (ISSO)

Candidate must have or be able to obtain an ADP I or ADP II clearance

General Job duties:

• 
  Communication
  
  
  
  • Information System Security Officer (ISSO) must interface with technicians, third-party hosting providers, Program Management Office (PMO), leadership, corporate staff, and the end-user community.
  
  
  • College-level communications skills, ability to communicate clearly, both orally and with written communications.
  
  
  
  


• 
  Education/Certification
  
  
  
  • Bachelor's degree from an accredited university in a related field (computer science, engineering, or information systems);
  
  
  • Candidates MUST have one or more of the following certifications: CISSP, CISM, or similar certification for IAT Level III per 8570 Cyber Workforce Requirements within 6 months of hire date.
  
  
  
  


• 
  Required Experience
  
  
  
  • Management of a team to include performance reviews, task assignment and tracking, conducting status meetings, project planning/management, etc.
  
  
  • 10 years of experience to include Information Assurance (IA) experience with large, complex programs.
  
  
  • 5 years' experience in planning, documenting, and resolving security and information assurance issues on a technical program.
  
  
  • Experience with integrating security and development efforts on a technical program.
  
  
  • Understanding of DoD Risk Management Framework (RMF), NIST SP 800-53A security controls, and all applicable Security Technical Implementation Guides (STIGs); and
  
  
  • Working experience with eMASS or equivalent tool is desired.
  
  
  
  

Specific job duties:

• Manage a team of Cybersecurity specialists that will monitor applications, databases, and operating systems for compliance and IA activities necessary to protect data from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.


• Participate in routine Leadership meetings and decision-making.


• Provide guidance to ISSM and PMO on all Cybersecurity matters impacting the program.


• Develop, update and enforce policies, procedures and standards dictated by guidelines produced by government and program mandates.


• Assist in gathering system and security controls documentation and artifacts.


• Track vulnerabilities by creating Plan of Action and Milestones (POA&M)


• Supervise the configuration and documentation contained in the program's instance of Enterprise Mission Assurance Support Services (eMASS).


• Report on database and application related Information Assurance Vulnerability Alerts (IAVA) and ensure timely completion.


• Assist in maintaining and managing continuous monitoring of DoD STIG compliance
  
  
  
  • Review new STIG releases and communicate changes to the development team
  
  
  • Maintain and enforce standard operating procedures to comply with applicable RMF controls
  
  
  • Create automated STIG configuration checks that result in non-compliance notifications
  
  
  • Perform annual self-assessment across all databases, applications, operating systems, and track open vulnerabilities.
  
  
  • Assist and advise the technical teams on possible solutions to open vulnerabilities and STIG compliance. Possible proof of concepts may be required to demonstrate secured functionality.
  
  
  
  


• Enforce the continuous monitoring strategy through the use of tools such as Splunk, ACAS reports, scripts to perform database/application user/privilege review, etc.


• Advise on secure implementation strategies for OS, database and application projects to include upgrades, cloud implementation, etc.


• Enforce code reviews for database and application development and configuration management activities, established by the Change Management Plan and Change Management Working Group.


• Ensures that all program information systems are functional and secure.

The proposed salary range for this position in Colorado is 124,000 to 165,000. Final salary will be determined based on various factors. Our comprehensive benefit offerings include healthcare, retirement plan, paid disability and life insurance programs, employee assistance program, paid and unpaid leave programs, education assistance, and wellness initiatives

DCCA is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status .

(function () {
'use strict';
socialShare.init();
})();