Job Description:

Security Clearance required:

Cognosante is on a mission to transform our country's healthcare and national security systems. With our health and security-focused solutions, we help public sector organizations achieve the important task of providing the best possible public services to American Citizens. From Enterprise IT, Data Science, and Security Services, to full-scale Consumer Engagement and Interoperability solutions, we are moving government services forward with transformation and innovation. Learn how we are making a difference in people's lives today!

Job Description

The Chief Security Officer is responsible for all activities related to achieving and maintaining authorization to operate (ATO) for information systems supporting Social Security Administration (SSA) Ticket to Work Program (TPM) and federal government contracts, following NIST Risk Management Framework procedures and guidance mandated under FISMA. Key job duties including specifying and documenting security control requirements, supporting security control assessments, and working with development and implementation team members to ensure that all security requirements are adequately addressed. The Security Officer also identifies relevant security and privacy standards and regulations applicable to systems under development or in operation and helps ensure compliance with those standards and regulations.

Key Responsibilities

• Analyze systems, data, and operating environments to determine appropriate security controls


• Produce key authorization package documentation, including System Security Plans, Contingency Plans, Security Test Plans, Plans of Action and Milestones, Privacy Impact Assessments, and related artifacts


• Review system architecture and system design documentation to identify security-relevant aspects of systems and solutions and accurately reflect that information in security documentation


• Work closely with project team members to make sure that applicable security requirements are incorporated in systems and solutions deployed for the project


• Participate in business, technical, and security reviews of the solution to explain selected security and privacy controls


• Perform initial and ongoing risk assessments of the system


• Prepare a System Security Plan (SSP) to document the implementation status of required security controls

Required Qualifications

• Minimum 5 years relevant experience


• Bachelor's Degree or equivalent experience


• Strong technical knowledge of networks, operating systems, and n-tier applications


• Experience performing risk management framework and system authorization tasks in a FISMA (i.e., federal government agency) setting


• Familiarity with NIST standards and guidance including FIPS 199, FIPS 200, and the 800 series of Special Publications


• Excellent organizational, interpersonal, verbal, and written communication skills


• Ability to work effectively as part of an integrated project team, while also taking ownership of assigned tasks to successfully achieve explicit delivery dates and milestones


• Ability to perform comfortably in a fast-paced, deadline-oriented work environment


• Ability to successfully execute many complex tasks simultaneously

Candidates that do not meet the required qualifications will not be considered.

Preferred Qualifications

• Relevant security certifications such as CISSP, SSCP, CAP, or CISA


• Formal education or professional experience in information assurance, information security management, or security operations