Information System Security Officer (ISSO)

Overview

DecisionPoint Corporation is seeking an Information System Security Officer (ISSO) to join our team!

This position is fully remote. 

Duties & Responsibilities

• Perform ISSO tasks in accordance with NIST SP 800-37 Rev. 2 Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy (RMF)
• Ensure that the appropriate operational cybersecurity posture is maintained for assigned IT systems.
• Develop, update and maintain the System Security and Privacy Plan (SSPP) and all associated documents for assigned systems.
• Participate in Contingency Plan, Recovery Plan and Incident Response training and tests for assigned IT systems.
• Participate in Incident Response activities for assigned IT systems.
• Serve as a principal advisor on assigned IT system(s) and brief on all matters, technical and otherwise, involving the cybersecurity posture of the system - including notifications to the business owner and RISSM of any changes that increase the risk to Reclamation operations, assets or individuals.
• Work with technical teams to mitigate security control deficiencies for assigned IT systems.
• Assess the cybersecurity impact of changes to assigned IT systems.
• Update hardware and software inventories to reflect changes to assigned IT systems as needed.
• Conduct annual assessment activities in accordance with Annual Assurance Statement requirements.
• Participate in security assessments and audits for assigned IT systems as required.
• Provide technical cybersecurity expertise on IT operational projects throughout the Software Development Lifecycle

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or other related field.
• Ability to obtain a Public Trust.
• Minimum of 5 years of ISSO experience.
• Knowledge of cybersecurity principles, cyber threats and vulnerabilities.
• Experience performing compliance and vulnerability scans.
• Familiarization or experience with implementing STIGs across an environment
• Familiarization with the National Institute of Standards and Technology (NIST) Special Publications (SP) 800-37 and 800-53
• Proficient with Microsoft Office Word/Excel/PowerPoint
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of specific operational impacts of cybersecurity lapses.

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.