Job Information
Amentum Information System Security Officer - Senior in Washington, District Of Columbia
As a Top Secret cleared Information Systems Security Officer you will be working in an organization that’s mission is to develop and operate the best possible software for critical national security enterprise applications. This organization leverages SCRUM and SAFE Agile software development methodology and strong Dev Ops practices.
You will be responsible for technical information assurance engineering efforts with network/server scanning, patching, mitigation, and compliance cross-checking of target network assets. Experience in ST&E process and POAM generation. You will need a strong understanding of approved COTS security analyst tools and government mitigation/compliance checkers. You will need a strong comprehension of FISMA, DIACAP, NIST-800 SPs and DCID 6/3 standards and policy control grouping. You will need experience determining products to meet client needs and presenting results.
Responsibilities:
Serves as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system. ISSOs are responsible for ensuring the implementation and maintenance of security controls. Directs and implements the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. Provides guidance and direction for the physical protection of information systems assets to other functional units. Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures. Assist with reviewing, developing, and navigating the system, team, and customer through the Authority to Operate (ATO) accreditation/certification documentation process. Perform network self-inspections. Create new and edit existing documentation that forms the Authority to Operate (ATO) package to include the System Security Plan and IS contingency plan. Develop Plan of Action and Milestone (POAMS) from vulnerability data and enter into the system of record.
Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others. Minimum of 8 years’ experience recommended. In absence of years of experience, certifications or past work may be used to show the level of experience needed to perform at this level.
Requirements:
• Active Top Secret clearance with SCI eligibility
• Minimum of 8 years of experience with at least 3 years of technical experience installing, maintaining, and managing Local Area Networks (LANs) or Wide Area Networks (WAN) and 3 years of security engineering, system security auditing or system penetration testing
Certifications (at least one is desirable): MCSA/Unix/Linux, CCNA, CompTIA-Network +, CompTIA-Security +, CISSP Certification
• Education: Bachelor’s Degree in Information Systems, Security, Engineering, or other related scientific or technical discipline
• In absence of degree, additional years of experience may be substituted for educational requirements"
Clearance Required: Top Secret with SCI eligibility
Minimum Education:
Bachelor’s Degree in Information Systems, Security, Engineering, or other related scientific or technical discipline
In absence of degree, additional years of experience may be substituted for educational requirements
Minimum Years of Experience:
Minimum of 8 years of experience with at least 3 years of technical experience installing, maintaining, and managing Local Area Networks (LANs) or Wide Area Networks (WAN) and 3 years of security engineering, system security auditing or system penetration testing
Certifications (at least one is desirable): MCSA/Unix/Linux, CCNA, CompTIA-Network +, CompTIA-Security +, CISSP Certification
Preferred:
• Front-end:
o Code quality and standardization practices
• Development Tools:
o Git source version control
o Azure DevOps project management
• Business Analysis and Project Management:
o Agile Principles
o Azure DevOps
#javelin