ISSO Specialist

Job Title: ISSO Specialist Job Location - Lexington MA 02420 Onsite Requirements: * NIST 800-53 * Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security) * Prior ISSO experience Job Description: * This role is supporting Air Force Programs and Client prefers candidates with mid-level experience: * Assist and support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). * Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. * Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. * Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. * Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. * Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements. * Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stake holders. * Recognize a possible security violation and take appropriate action to report the incident, as required. * Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy. * Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures. * Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation. * Lead and align information technology (IT) security priorities with the security strategy. Prepare for and participate in periodic organization compliance assessments. * Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. Education and Certifications: * BS degree is preferred but not required * Security Plus is the minimum 8570 certification requirement. Must Have * Admin * System Auditing 4 years * Certification * Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security) Yes * Experience * Regulatory & Compliance 4 years * Government Policy/Regulations * STIGs/SCAP 4 years * Security * Assessing Security Controls (CS105.16) 4 years * Assessment and Authorization 4 years * Authorizing Systems (CS106.16) 4 years * Categorization of the System (CS102.16) 4 years * Continuous Monitoring (CS200.16) 4 years * Implementation of Controls (CS104.16) 4 years * Monitoring Security Controls (CS107.16) 4 years * NIST 800-53 4 years * NIST SP 800-37 4 years * Risk Management Framework (RMF) 4 years * Selecting Security Controls (CS103.16) 4 years Nice to Have * Bachelor's Degree