ActioNet, Inc. Jobs


Job Information

ActioNet, Inc Information Assurance Security Specialist/ISSO in Silver Spring, Maryland

ActioNet has an immediate opportunity for an IT Security professional to serve in the role of Information System Security Officer (ISSO) for our customers. This position requires the ability to get a Secret clearance and is located in Silver Spring, MD.

Are you ready to join our great Support team? To be a successful candidate, you must have hands-on experience and extensive knowledge of the NIST 800 Special Publications standards and of preparing documents such as: System Security Plans (SSPs), Contingency Plans (CPs), Risk Assessments Matrices (SRTMs), Business Continuity Plan (BCP), Business Impact Analysis (BIA), Security Impact Assessments (SIAs) for proposed System Configuration changes, as well as a thorough understanding of NIST Special Publications 800-53 Rev 3/4, 800-53A, and 800-37.

You will join a close-knit and highly technical and senior team of Systems Admins and Engineers. This is a standard workweek environment supporting our customers across the globe.

What is in it for you?

  • This is a self-managed and independent role where you have the opportunity to be involved in new security and cloud technologies

  • You will be at the forefront of leading weather, geospatial and satellite web page development that serves scientists, institutions, analysts and citizens across the globe

  • You will join a supportive and engaged customer and working environment

Duties and Responsibilities

  • Assists in the maintenance of systems to protect data from unauthorized disclosure and/or modification

  • Play a lead role in the Annual Security Control Assessment of Systems. Work with assessors during assessment, and be able to analyze and understand the Security Assessment Report (SAR) and Vulnerability Assessment Report (VAR)

  • Identifies, reports, and resolves security violations.

  • Responsible for developing, updating and managing core security documents such as the System Security Plan (SSP), FIPS 199 & 200, Business Continuity Plan (BCP), Business Impact Analysis (BIA), Disaster Recovery Plan (DRP), Information System Contingency Plan (ISCP), Security Impact Analysis (SIA), Incident Response (IR) Plan, etc.

  • Work closely with the Systems Administrators and Network Engineers in ensuring that the system is running in compliance with the Acceptable Baseline Configuration

  • Ensure that identified vulnerabilities are remediated in accordance with CITR-016.

  • Manage and address milestones and POA&Ms in CSAM and ensure that the POA&Ms are successfully closed within the timeframe specified in the milestones

  • Be involved with the annual PEN Test exercise and work directly with the PEN Testers and in-house IT staff

  • Continuously work with the System stakeholders and data custodians to ensure that the system and networks are adequately protected against intrusion by deploying necessary controls that provide security of data

  • Ability to perform a variety of other assigned IT security tasks.

Required Qualifications:

At least five (5) years of demonstrated experience required in:

  • Active Certification: CISSP preferred, CISM, CISA, CAP, CRISC

  • Utilization of scanning products such as: Nessus, Retina, Core Impact

  • Knowledge of security best practices such as: defense in depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.

  • Experience with FIPS 199/200 and Security Awareness Training (to include different possible social engineering attack techniques)

  • NIST 800-37 experience (DIACAP, NIACAP or similar products)

  • Experienced with NIST 800-53 REV 4 preferred to include privacy controls

  • Experienced with FISMA A&A continuous monitoring

  • Experienced with providing FISMA Vulnerability and Compliance Scanning

  • Experience with A&A Core Documentation development (i.e. SSP, BCP, DRP, ISCP, BIA, FIPS 199 & 200)

  • Experienced in assessing and maintaining a FIPS 199 High Category Federal system

  • Experienced with Security Repository Tools such as Cyber Security Assessment and Management (CSAM) or Trusted Agent FISMA (TAF)

  • POA&M Management experience in a federal government setting

  • Experienced with System and Network administration

  • Sound knowledge of risk management and assessment (both qualitative and quantitative) using NIST SP 800-30 and 800-39

  • Experience in Systems Engineering or satellite experience is preferred

Preferred Qualifications:

  • Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project)

  • Must be organized, timely, and customer service oriented

  • Must be able to update documentation in a timely and professional manner that includes proofreading and formatting.

  • Ability to work well independently and in a diverse team setting

  • Adaptability, flexibility and ability to deal with ambiguity and change

  • Excellent oral and written communication and customer service skills

  • Excellent attention to detail and good analytical skills

ActioNet is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

ActioNet is an Equal Opportunity/Affirmative Action employer.

All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age (40 or over), or genetic information. ActioNet’s commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment.

The ActioNet Career Center is accessible to any and all users. If you would like to contact us regarding the accessibility of this portal or you need assistance completing the application process, please contact Jonathan Dobles, Technical Recruiter, at 703-204-0090 ext 195 or JDobles@ActioNet.com. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
