Information Systems Security Officer ISSO

Become part of the XLA team supporting a local Government entity located in the Washington DC metro area. XLA is looking for an Information Systems Security Officer (ISSO). The Information Systems Security Officer will perform security assessments to ensure compliance with internal policies controls and standards as well as client and regulatory security requirements. These assessments include evaluating technological operational and process controls in order to evaluate the design and implementation of security controls. The individual will be responsible for risk and compliance management and reporting to include risk assessments System Security Plans Security Assessment Reports Vulnerability Assessment Reports POA&M management ISO 27001 requirements NIST 800 Series Special Publications Federal Information Processing Standards (FIPS) FedRAMP Authorizations and other regulatory compliance requirements. The individual will be responsible for assisting in federal audit that may occur during their employment.

* Top Secret Clearance is required

* This position requires the candidate to live in the College Park MD area.

* Onsite five days a week

Principle Duties and Responsibilities

• Using the NIST Risk Management Framework (RMF) to conduct assessments of Information security controls in order to measure the effectiveness of controls and identify control gaps
• Ensure compliance to guidance standards and regulations such as NIST Special Publications FIPS FedRAMP and other federal regulations and policies
• Preparing Security Authorization Packages and including documentation such as Authorization Official Outbriefs Security Authorization Recommendations and Security Authorizations memorandums
• Identify assess and prioritize identified risks
• Collect evidence artifacts and document findings to support conclusions
• Report on compliance with internal policies controls and standards Provide recommendations for remediation of identified deficiencies
• Track and report on Plans of Action and Milestones (POAMs) (i.e. findings/deficiencies to closure)
• Coordinate thirdparty risk assessments and IT audits
• Manage remediation efforts and report on the status of control deficiencies
• Support security initiatives and global policy adherence and awareness efforts
• Support global information security metrics and reporting program(s)
• Provide security expertise to business units and key stakeholders
• Enforce policy adherence and manage formal policy exception requests
• Provide timely status updates/reporting on assessments and assigned project

Required Skills Knowledge and Experience

• BS/BA in Computer Science Information Systems Software Engineering or other related analytical scientific or technical discipline
• Five 5 years of experience in IT security including SA&A and/or IT security risk analysis preferably in support of the Federal Government.
• Knowledge of Federal Government SA&A practices and policies particularly FISMA and NIST Special Publications 800 series.
• Industry recognized and accepted certifications relating to IT security preferred (CISSP GIAC CEH TNCP Security Network etc..
• Ability to work independently and also collaborating with application developers engineers and others.
• Must be motivated and results oriented.
• Effective written and oral communication skills.
• Previous Federal Government experience a plus.
• Experience using Xacta or CSAM

Security Clearance: Top Secret clearance is required.

EEO Statement

XLA is committed to the full inclusion of all qualified individuals and is an equal opportunity employer committed to supporting equality and integrity in the workplace professional development and education and an entrepreneurial atmosphere.

We encourage qualified individuals with disabilities to apply. If a reasonable accommodation is needed to participate in the job application or interview process or to perform essential job functions please contact our HR team by phone ator via email at. For persons who are deaf hard of hearing deafblind or deafdisabled XLA will provide an American Sign Language (ASL) interpreter where needed as a reasonable accommodation for the hiring processes.

We are proud to be an EEO/VETERAN EMPLOYER.

All qualified applicants will receive consideration for employment without regard to their protected veteran or disabled status and will not be discriminated against for selfidentifying with either category