VTG is looking for a ISSO in Bethesda, MD.
The ISSO will work with others on program security team to provide for all aspects of security to include but not limited to the following:
* Provide knowledge, both in context and execution with the Risk Management Framework to support a NIST SP 800-53 HHM systems through the A&A process.
* Construct thorough and complete security documentation to include, but not limited to, System Security Plans (SSPs), Plan of Actions and Milestones (POA&Ms), and any other artifacts to support the Body of Evidence (BOE), for sponsor's approval.
* Identify security controls and work with engineering, development and testing staff to construct proper test plans and procedures.
* Implement security audit reviews verifying that the audit records are collected and reviewed.
* Coordinate all security testing exercises, working with external assessment teams and technical staff.
* Configure and support various AWS services to protect the security posture of the system
TS/SCI with Poly Required
- BS Degree
* Ensure security policies and procedures are implemented
* Experience with gaining an ATO for systems and working the systems through the assessment and authorization process
* Experience with vulnerability scanning tools to include Nessus, AppDetective, WebInspect and other vulnerability scanning tools
* Strong understanding of RMF, CNSSI 1253, NIST 800-53, NISPOM
* Ability to create and maintain system BOE documents to include SSPs, architecture diagrams, contingency planning, and continuous monitoring documentation
* Ability to write and modify documents to include SOPs, processes, and other guidance documentation
* Experience with JIRA and requirements management