The Information System Security Officer will provide overarching IT infrastructure (network, systems, applications, etc.) security leadership and support of a small enterprise. The successful candidate ensures that all security best practices are followed and that the infrastructure complies with stated federal security policies and regulations. This includes but not limited to the identification, evaluation, and resolution of identified vulnerabilities and root cause analysis, lead Authority to Operate processes, Assessment and Authorization, privacy and process compliance issues, and creation of security related reports. Key responsibilities include management of security-related aspects of the infrastructure and support various teams in providing secure solution path for a cloud-first strategy. The ISSO will support the Program Manager in gathering and analyzing requirements, solution design, and execute various modernization efforts, while delivering high customer satisfaction. Additionally, the candidate must possess strong creative, communication, and collaboration skills
- Manages implementation and development of the information security infrastructure.
- Ensures security policies, standards and procedures are established and enforced.
- Coordinates information security audits, tests and reviews.
- Provides guidance to analyzing and evaluating networks and security vulnerabilities, and manages security systems such as anti-virus, firewalls, patch management, intrusion detection and encryption on a daily basis.
- Recommends security solutions to program team
- Manages and supports Information Security Analysts and Information Security Risk Analysts.
- Manages security requests and incidents.
- Ensures key information security risk matters are conveyed to and reviewed by stakeholders
- Ensures key IT control processes comply with standards and report to management appropriately.
- Assists with management activities relating to infrastructure incidents, contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.
- Presentation and requirements elicitation skills
- Attention to Detail - is thorough when performing work and conscientious about attending to detail.
- Customer Service - works well with clients and other vendors in achieving mission success and is committed to providing quality products and services.
- Strong Communication Skills - be able to expresses key ideas and obtain tangible feedback from cross-functional team members and stakeholders.
- Critical Thinking and Problem Solving - identifies risks and problems, and be able to conduct qualitative and quantitative analysis to generate and evaluate alternatives and to make recommendations.
- Demonstrates a high degree of customer service and team work
- Knowledge of Agile/Scrum concepts
- Knowledge of ITIL concepts
- CISSP Certified
- Typically requires BS degree and 8 - 12 years of prior relevant experience or Masters with 6 - 10 years of prior relevant experience.
- ITILv Certified
- Cloud certifications