Information System Security Officer (ISSO)/RMF Analyst
Information System Security Officer (ISSO)/RMF Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Description:
ISSO reviews (RMF) Assessment and Authorization documentation standard operating procedures policies and security instructions for both networked and stand-alone computer systems and provides oversight and guidance for multiple systems. Reports to a more-senior-level Project Manager. Position is on-site with some telework potentially available as agreed upon by Government Customer.
Principal Duties and Responsibilities
- Cyber Security policy procedures and regulations to assist with identifying potential Cyber Security issues.
- Review/complete RMF packages to include System Categorizations Security Plan and Authorization Packages (A&A Assess Only).
- Monitor evaluate and maintain systems and procedures to safeguard information systems networks and databases.
- Implement enforce communicate and develop security policies or plans for data software applications hardware telecommunications and information systems security education/ awareness programs.
- Establish and satisfy system-wide information security requirements based upon the analysis of user policy regulatory and resource demands.
- Assist Organization Information System Owner in daily RMF duties.
- Prepare department and organization level specific reports as required by government or customer.
- Serve as liaison between department and other departments as well as with outside customers regulatory personnel etc.
- Prepare and deliver synchronization briefings and status updates to Government Customer(s).
- Monitor and determine system categorization in accordance with NIST SP 800-59 NIST SP 800-60 FIPS 199 and/or CNSSI 1253 (as applicable) in areas of Confidentiality Integrity and Availability (CIA) and coordinate approval.
- Assist in the development and maintenance of the RMF package as required. This includes updating/maintaining Enterprise Mission Assurance Support Service (eMASS) entries on all required and applicable RMF controls.
- Participate in teleconferences working groups and integrated product teams (e.g. Milestone Reviews Configuration Management etc.) as directed by the Government.
- Coordinate and collaborate with external stakeholders to enhance security posture.
- Monitor system changes through continuous monitoring practices to determine if changes to specific configurations require the implementation of or modification to existing specialized solutions such as Cross Domain Solution (CDS) or Host Based Security System (HBSS) etc.
- Develop Risk Assessment memorandums (RAMs) as required with the scheduling and coordination of a Security Compliance Review.
- Maintain Plan of Action & Milestones (POA&M) as required including updates involving IAVAs STIGs and Bulletins as they occur.
- Provide continuous monitoring subject matter expertise including technical analysis on assigned systems for system modifications upgrades system interoperability and software configuration or baseline enhancements to determine compliance issues schedule impacts and impacts requiring modification to relevant documentation and accreditations.
- Analyze and evaluate process improvement issues concerning the application of evolving technologies to assess any resulting impacts to the security posture of the system and to identify potential mitigations that would allow application and integration of the technologies without compromise of the systems security posture.
- Participate in various system life-cycle meetings telecoms and other forums that impact the program risk from a technical standpoint or upon request by the Government Lead.
At COLSA people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our FamilyofProfessionals!Learn about our employee-centric culture and benefitshere.
Required Experience:
IC
Employment Type
Full-Time
