Why Work at SI?
Secure Innovations (SI) successfully and continuously strives to become experts in the Cybersecurity field by only focusing on Cyber! Because of this, we proudly stand behind our motto, "We're Not Standard Cyber. We're the Cyber Standard."
SI was built on the principle that people matter first and foremost. Our focus is on PEOPLE - our employees and our customers. SI believes in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch security professionals.
The Sr. Information Systems Security Officer (ISSO) oversees the security posture for one or more system(s) throughout the entire lifecycle; oversees the implementation of information technology (IT) security controls and security authorization documents; and ensures the system is compliant with mandated security policies and requirements. Provides technical recommendations for all Risk Assessments and Vulnerability Assessments conducted for the system or site. Provides security analysis of IT activities to ensure that appropriate security measures are in place and being enforced. Promotes IT security awareness information to the user community by validating that the user community is completing their annual training. Oversees and maintains regulatory requirements and participates on the Change Control Board (CCB) by reviewing changes for security implications and security applications.
Education & Clearance Requirements:
- BS Degree & 12 years of experience
- Background Investigation Required
- 8570 IAM II (CAP, CASP, CISM, or GSLC)
Oversee, evaluate, and support the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cyber security and risk requirements, ensuring appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
- Provide recommendations on agile methodologies for RMF activities and develop organization-specific policies, procedures, and processes for streamlined RMF implementation.
- Oversee and maintain, throughout the lifecycle of the system, all applicable network and application documentation and assist Project Managers and IT personnel with the production and maintenance of their supporting A&A documentation. This includes, but is not limited to, maintaining all applicable artifacts that are synchronized with actual system configurations in MCCAST.
- Major focus is oversight of steps 1-3 of the RMF processes. Experience in system categorization, allocation of security controls and documentation of implementation of security controls.
- Manage and report status of POA&Ms.
- Work with system owners and stakeholders to ensure the system is properly categorized.
- Work with system owners and stakeholders to ensure all Security Controls are identified and allocated to the system.
- Ensure the security controls' implementation details are properly documented.
- Assists with designing, developing, testing, and evaluating information system security and documentation throughout RMF steps 1 through 3 of the systems development life cycle.
- Complete and close Plan of Action and Milestones (POA&Ms), both vulnerability-related POA&Ms and policy/procedure-based POA&Ms.
- Provide expert advice to developers, administrators, and others during the system development life cycle.