JPI is seeking a Senior Information System Security Officer (ISSO) with at least seven (7) years of experience to ensure the security of cloud-based information systems through the Risk Management Framework (RMF) process. The ISSO will led the authorization & accreditation activities and coordinate with members of the Security Authorization and Security Assessment Teams and other key program personnel to facilitate the RMF process from planning and data categorization through authorization to achieve/maintain an Authority to Operate (ATO). This position will be working with United States Coast Guard (USCG) to develop compliance documentation, provide domain expertise to development teams, develop POA&Ms, build the security authorization packages and support activities necessary to obtain/maintain an ATO for multiple enterprise cloud-based system
- Develop and update existing documentation and conduct self-assessment of security controls required to maintain the ATO.
- Generate and maintain a Plan of Action & Milestones (POA&M) to reflect any findings discovered in security assessments
- Develop relationship with key personnel to determine security requirements and develop a client Security Authorization Package (including generating documentation) to obtain an ATO
- Support the assessment of any new system interchanges or data migration needs to determine any impact to security compliance and the client ATO
- Update the compliance documentation and Security Authorization package for any system changes that impact security compliance
- Delivery of security services to document, achieve, and maintain the client ATO
- Review information systems for compliance with applicable customer directives and guidance; make recommendations for any changes as required
- Develop and conduct detailed security assessment briefs, providing cyber security risk recommendations
- Conduct cybersecurity assessments in accordance with established cybersecurity policies.
- Conduct Security Technical Implementation Guide (STIG) validation in preparation for authorization activities.
- Provide security advice and guidance in accordance with directives for the protection of data
- Provide technical guidance and support in preparing responses for government approval to A&A questions
- Prepare reports and memoranda, to include ATO's, ISA’s, MOU/A’s, IATT’s
- Review, coordinate, and respond to security issues as requested by the government
- Must have at least seven (7) years of experience in Information Assurance, cybersecurity or other related field.
- Bachelor's degree in business, information systems, engineering or a related field. Master's degree is a plus.
- Must hold one or more of the following certifications: Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Advanced Security Practitioner (CASP+), or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level II
- Preferred relevant experience in direct support of the US Coast Guard, Government Agencies supporting defense, Homeland Security, or law enforcement missions.
- Ability to communicate effectively, both orally and in writing
- Ability to read and interpret acquisition policy, regulations, and directives
- Must be a self-starter with the ability to work effectively independently and in team settings to include close collaboration with program managers and client personnel.
- Proven ability to support multiple projects and deliverables simultaneously in a deadline driven process.
- Experience in building and managing client relationships.
- Ability to recognize new business development opportunities.
- Work three (3) days a week on-site at USCG HQ in Washington, DC
- Clearance: Active Secret is required
JPI is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.