Isso

Pensacola, FL - USA

Monthly Salary: Not Disclosed

Posted on: 5 hours ago

Vacancies: 1 Vacancy

Job Summary

ISSO

Pensacola FL (hybrid onsite/telework)

SUMMARY:

Founded in 2001 Indigo IT is an award winning information technology consulting and services company. We are a trusted services provider to government agencies seeking innovative Cloud Cybersecurity Knowledge Management and Enterprise solutions. We know our defense federal and civilian customers have critical IT infrastructures that must remain reliable available and maximized. Indigo IT is mission focused and committed to maintaining a sense of urgency in anticipating and supporting our customers technology goals and objectives. Our unique ability to think beyond today allows our clients to stay ahead of their IT challenges. As a Veteran-Friendly employer we are proudly partnered with the Virginia Values Veterans (V3) Program and a recipient of the HIRE Vets Gold Medallion Award which recognizes our commitment to recruiting our nations Veterans. Recognized on the Inc. 5000 list of Americas fastest growing companies in 2020 & 2021 and named as one of the 2022 Best Places to Work in Virginia we are always looking to hire top talent in the field - come join us today!

This position will be responsible for providing expert level support in the implementation of the Risk Management Framework in accordance with the National Institute of Standards and Technology. This includes providing and maintaining all security assessment and authorization (SA&A) packages for completeness in an acceptable format using automated and manual inputs to ensure compliance with FISMA and other Federal and agency standards. Additionally this position is largely focused on operational and technical security capabilities to include incident handling and analysis entity scanning and reporting of results directly to the CISO (patch vulnerability real-time intrusion detection and baseline compliance) as well as both configuration and review of intrusion detection and prevention tools as required to assess and improve the overall security posture of the organization.

ESSENTIAL FUNCTIONS/RESPONSIBILITIES:

Experience with DOD 8510 (DIACAP and RMF) DoD 6510 and 8500 series instructions and NIST 800 series guidance

Experience with IAVMs DISA STIGs POA&Ms and related Federal/DoD policies and regulations

Experience working with information security practices networks software and hardware

Strong analytical and problem solving skills for resolving security issues

Strong organizational skills to balance various workloads

Strong interpersonal skills to interact with customers and team members

Excellent communication skills to interact with team members and support personnel

Ability to work in a team environment

Self-driven and motivated

Experience documenting and assessing RMF controls Plan of Actions and Milestones (POA&Ms) and vulnerabilities in eMASS.

Experience with DISAs security change request procedures.

Experience reading and interpreting DOD STIG results from SCAP scans and self-assessment checklists via STIG Viewer.

Experience running reading and/or interpreting BURP scans.

Experience reading and interpreting ACAS scan results.

Familiarity with Cyber Command vulnerability remediation timelines

Experience reading and interpreting Topology Drawings

Excellent memorization skills

EDUCATION EXPERIENCE & CERTIFICATIONS:

Active Secret Clearance
Bachelors degree and at least ten (10) or more years of direct experience in computer and systems security. Six (6) years of general IT experience is equivalent to a bachelors degree.
At least five (5) years of experience providing direct support to Federal IT compliance initiatives including the preparation/development of annual FISMA reports compiling responses to Federal information requests and implementing provisions set forth by the OMB DHS and other Federal guidance entities.
Experience working in a Security Operations Center (SOC) or similar environment is highly recommended.
Require DOD 8570-01M IAT Level II certification (CompTIA Security CASP CeH or equivalent)
Preferred relevant professional certifications from recognized industry consortiums including ISC2 (CISSP) ISACA (CISA) SANS/GIAC (GMON GCIA GCED GCIH GPEN).

SPECIFIC KNOWLEDGE SKILLS & ABILITIES:

Information Certification & Accreditation Regulations Federal Information Security Management Act (FISMA) and National Institute of Standards and Technology (NIST) guidance
Security Assessment and Authorization (SA&A) process in alignment with the NIST Risk Management Framework
Network monitoring
Intrusion and malware detection using host-based and network-based intrusion detection systems (IDS) and log management applications
Familiarity with vulnerability scanning and management using Tenable Nessus; reviewing scan reports.
Identifying collecting processing documenting reporting cyber security/ incident response events
Architecting engineering developing and implementing cyber security/incident response policies and procedures; engineering testing installing patching and upgrading various information security hardware and software applications
Information system security cyber security computer forensics vulnerability assessment and penetration testing malware analysis insider threat
Skill in conducting and analyzing the results of test events including utilizing in-depth knowledge of TCP/IP ports and protocols to provide accurate concise and complete results to senior leadership.
Skill in designing a security focused data analysis structure (i.e. the types of data your test must generate and how to analyze those data).
Skill in determining an appropriate level of test rigor for a given system.
Skill in developing operations-based testing scenarios.
Ability to recommend improvements to the internal processes to maximize customer service levels and improve overall security posture of the organization.
Excellent time management skills with ability to juggle multiple priorities and complete tasks on time
Strong analytical skills with the ability to analyze data sets to determine trends establish strategies and make decisions about real time threats as well as identification and elimination of false positives from operational reports.
Outstanding interpersonal and communication skills with the ability to effectively communicate across diverse audiences.
Self-starter ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish.

At Indigo IT we offer an expansive benefits package for our employees which includes: Medical Dental and Vision coverage addition we offer 401(k) with company match Group life and disability Flex Spending Accounts (FSA) Paid Time Off (PTO) Paid holidays and Education assistance. We also have in house training programs for employees we reward thought leadership with bonuses and recognition for publishing speaking and innovative thought leadership in our industry.

Indigo IT is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer making decisions without regard to race color religion creed sex sexual orientation gender identity marital status national origin age veteran status disability or any other protected class. This employer uses E-Verify.

ISSOPensacola FL (hybrid onsite/telework)SUMMARY:Founded in 2001 Indigo IT is an award winning information technology consulting and services company. We are a trusted services provider to government agencies seeking innovative Cloud Cybersecurity Knowledge Management and Enterprise solutions. We kn...