Information Systems Security Officer

THE HIGH LEVEL

Iron Bow Technologies is seeking an experienced Information Systems Security Officer to support an existing, long-term Federal Government customer, the Department of Justice (DOJ). Our Information Systems Security Officer will provide IT Security Support to the DOJ Civil Division (CIV) including Information System Security reviews and assessments, drafting/maintaining documentation, system audits, vulnerability management, risk assessment, product evaluation, security implementation and remediation, security incidents and network security support. This position currently follows a hybrid schedule with onsite work at the customer site in Washington, DC, currently planned for 3 days onsite and 2 days remote. Candidates should be cognizant that this can change at any time to stay aligned with the customer's expectations.

WHAT YOU'LL BE DOING

The Information Systems Security Officer participates in the review of identified new technologies or policies (e.g., Cloud Solutions fully off premise or hybrid, Continuous Diagnostic and Mitigation (CDM) technologies, anomaly-based tools, virtual environments) to determine any impact on CIV systems and report findings. You will also participate in the development of monthly, quarterly, and annual Federal Information Security Management Act (FISMA) reporting documents and recommend enhancements that will be shared with CIV IT leadership. Responsibilities include:

• Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, security implementation, and remediation.
• Draft various security documents that either adhere to existing/revised standards or draft a first-time document that aligns with standards and logically includes all necessary information needed to effectively represent the system.
• Oversee the implementation and enforcement of security controls in compliance with IRS Publication 1075 for systems handling Federal Tax Information (FTI). The ideal candidate will have a strong background in NIST 800-53, risk management, and audit readiness specific to tax data environments
• Provide technical assistance in the designing and implementation of solutions for protecting confidentiality, integrity and the availability of sensitive information.
• Provide technical support and analysis in the identification, evaluation, investigation, and remediation of cyber and insider threats.
• Provide technical evaluations of CIV systems and assist with making security improvements.
• Participate in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to the CIV.
• Performs assessment of present levels of cyber security, offer recommendations on levels of risk, training personnel in proper cyber security protocols.
• Conduct security product evaluations, and recommend products, technologies and upgrades to improve the CIV systems security posture.
• Conduct testing and audit log reviews to evaluate the effectiveness of current security measures.
• Support and prepare security documentation for CIV systems for submission to designated reviewers.
• Participate in the management of accreditation of the CIV systems evaluating and certifying the implementation FISMA, the NIST security guidelines, and the Department's plans, policies and guidelines.

WHAT YOU BRING TO THE TABLE

• A minimum of 8 years of progressive, technical (hands-on) experience in Information Assurance C&A, including being a key contributor to the various security documents created and maintained for the system.
• Being onsite on planned days - this position does require onsite support.
• Solid understanding of network protocols and security architecture
• Experience working with security tools like IDS/IPS and vulnerability scanners
• Experience with risk management and incident response
• Experience working as an ISSO supporting federal government information systems.
• Experience with ISO, NIST and US Government standards and cybersecurity frameworks (e.g. FISMA, FIPS, HSPD), system administration.
• Experience creating/maintaining system documentation that adheres to the existing documentation standards, as well as drafting first-time documentation that includes all relevant and necessary information about the security posture of the system.
• IT security management, engineering, and analysis experience.
• US citizenship - TS/SCI clearance is required - an existing active clearance is preferred, will also consider a candidate who does not hold but is eligible to obtain clearance.
• S. in Information Technology or a closely related field.
• Certification requirements are: Active CISSP certification - have certs coming in or commit to obtaining within 6-months of hire.

TRAVEL REQUIREMENTS

This position requires candidates based in the greater Washington, D.C. metropolitan area so that they are accessible to multiple DC-area locations. There are no travel requirements outside the DC metro area.

WHY YOU'LL LOVE IT

• Be a leader in providing the highest level of customer experience excellence in a fast passed and exciting environmentand a role model for team members.
• Iron Bow is rapidly growing and with growth comes opportunity for all.There is palpable energy and momentum across the company that is easy to tap into and be inspired by.
• Be a part of organizational transformation. Now's the time to join. Iron Bow is redesigning the customer and employee experience. This new approach elevates all and truly enables success.

#LI-PD1