Information System Security Officer

S

Summit Technologies, Inc.

Information System Security Officer

Washington, DC
Full Time
Paid
  • Responsibilities

    Summit Technologies, Inc. is looking for a talented Information System Security Officer. In this role you will research, develop, implement, test, and review our client’s information security to protect information and prevent unauthorized access. Candidates must be eligible for a Public Trust clearance. This is an on-site position based in Washington, DC.

    Duties & Responsibilities:

    • Maintain the Security Authorization or Authorization to Operate (ATO) of assigned system(s).
    • Conduct initial Security Assessment and obtain ATO, in line with NIST SP 800-37 Rev.2.
    • Continuously update all Security Authorization documentation to maintain assigned system’s ATO or system go live dates.
    • Select the baseline security controls for the IT system, using CSAM, and tailor where appropriate.
    • Document relevant NIST 800-53 Security Controls for assigned IT systems.
    • Perform and document initial and annual risk assessments of all systems.
    • Develop and document all supporting Security Assessment & Authorization (A&A) artifacts (i.e. PIA, SP, ITCP, BIA, CMP, MOU, ISA).
    • Produce Security Authorization packages for Authorizing Official (AO) signature including Authorization to Operate.
    • Track the deployment of software to the environment that is not part of the base image.
    • Conduct security impact analyses of proposed changes, provide recommendations.
    • Analyze configuration settings, implementation of STIGs, and conduct manual checklists.
    • Generate Plan of Actions & Milestones (POA&Ms) for each non-compliant control of assigned IT Systems.

    Required Skills & Experience:

    • A minimum of 3 years’ experience working in Cybersecurity.
    • Working knowledge and experience with CSAM and the NIST RMF.
    • Experience working with system stakeholders to assess and manage system cybersecurity risks.
    • Ability to synthesize complex IT system information and communicate system status and requirements in written products and verbal presentations.
    • Ability to write clear, concise and effective security control implementation statements
    • Familiarity with configuration settings and vulnerability management analysis of infrastructure devices.
    • Ability to draft a complete ATO package, to include the SSP.
    • Ability to work independently.

    Education:

    • HS Diploma

    Desired Certifications:

    • CISSP, CompTIA Security+, CGRC (formerly CAP) or CISM

    Security Clearance:

    • All candidates must be eligible to obtain a Public Trust Clearance.

    If you feel you are qualified and want to be considered for this position, please supply the following to: y5ucgcehu8eehqr66ne6trbije@crelate.net , and please put the job number ‘6769’ in the subject line:

    • Updated resume including MM/YYYY for each employer.
    • Best times/dates to interview (plus phone # you can best be contacted at).
    • Availability to start once given formal offers.

    Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability or veteran status.