Information Systems Security Officer

EOE Statement
Key Concepts Knowledgebase is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment that is free of harassment, discrimination, or retaliation because of age, race, color, national origin, ancestry, religion, sex, sexual orientation (including transgender status, gender identity or expression), pregnancy (including childbirth, lactation, and related medical conditions), reproductive health decisions, marital status, personal appearance, matriculation, political affiliation, credit information, employment status, physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed servicemember status, status as a victim or family member of a victim of domestic violence, a sexual offense, or stalking, homeless status, or any other status protected by federal, state, or local laws.

Description

Position Summary/Overview:

Key Concepts Knowledgebase, LLC., is seeking an Information Systems Security Officer for a project at a large NIH support organization. The successful candidate will work with our IT managers, engineers, technicians, and the client to ensure the expectations of both parties are fulfilled in a timely, cost-effective manner.

Position Requirements

The responsibilities are as follows:

• The Information System Security Officer will be responsible for the assurance that all systems, components, and services, required by the client, are in compliance with federal security policies, processes, and procedures.
• The ISSO will serve as the principal advisor to the client on all matters, technical and otherwise, including the security of the client's information system.
• The ISSO will work with the IT security team to complete Authority to Operate activities.
• The ISSO will help coordinate and execute all activities related to systems patching and related security compliance in a clinical and scientific research environment.
• The ISSO will work with the government to implement security assessments and authorizations, and ensure that the systems continue to operate at the required intervals when changes are implemented.
• Additionally, the security officer will perform oversight and compliance verification assessment and continuous monitoring, contingency plan development, and evaluation, and all vulnerability scanning and auditing, as necessary.
• The ISSO will also provide recommendations for security processes and procedures improvement.
• The ISSO must document all assessment activities in order to report to senior management- both technical and non-technical personal.
• The ISSO will also create a quarterly security awareness article for the client publication.

Qualifications:

Knowledge, Skills and Abilities:

• Must be detail-oriented, organized, and can work under tight deadlines
• Federal contract work experience;

Technical Requirements (required and desired - specify):

Required-

• Bachelor's degree in Computer Science, Information Systems, Engineering, Business or other related discipline
• Proven work experience as an ISSO in a government environment
• Security related certification
• Proven in-depth knowledge of information security processes, processes, methodologies, and best practices
• Exceptional written and verbal communication skills, showcasing the ability to articulate technical concepts to non-technical audiences
• Extensive knowledge in relation to traditional and Agile frameworks in a highly dynamic environment
• Experience using SIEM tools: Nessus/Tenable, Appscan, BigFix, JAMf, Cylance, CyberArk, and more
• Extensive experience developing reports and documentation with the purpose of reporting activities
• Extensive knowledge of security systems and ability to serve as a SME on network continuous monitoring tools implementation across networks and ability to recommended solutions as needed to support vulnerability remediation for Windows, Max, Linux and other operating systems
• Ability to provide security expertise on security controls and to conduct security testing and develops assessment of local area network and other components with the purpose of ensuring compliance
• Experience creating and managing Plan of Action and Millstones (POA&M)
• Knowledge and ability to assist with coordination of contingency plan testing for GSSs and other applications
• Experience creating Privacy Impact Assessments and risk assessments
• Experience and ability to perform continuous review of existing systems and making recommendations for optimization

Desired:

• NIH experience
• Public Trust

Training and Certifications:

Other:

• Must be able to obtain and/or pass a public trust background check.

Full-Time/Part-Time
Full-Time

Position
Information Systems Security Officer

Location
Bethesda


This position is currently accepting applications.