Canfield CyberDefense Group is looking for an experienced information security system officer to support an upcoming contract with the Defense Information Systems Agency (DISA). This position will provide independent validation and verification to ensure that DISA capabilities follow policy and are therefore cyber secure.
Please note that this position is contingent upon contract award.
- 5 years of specialized experience in the field of Information Systems Security Officer
- Hold an active Secret clearance
- Hold an Information Assurance Manager (IAM) Level II certification in accordance with DoD 8570.01-M
- Experience working with RMF, including ushering packages through the Security Control Assessor (SCA) and Authorizing Official (AO).
- Able to coordinate and lead discussions during Risk Management Framework (RMF) meetings, maintain close communication within the DISA Services Development (SD) development teams, and report status to the DISA SD13 Information System Security Managers (ISSMs) as per DoD Instructions 8500.01 and 8510.01.
- Understands the SIPRNet and NIPRNet Enterprise Mission Assurance Support Service (eMASS) and is able to prepare RMF packages.
- Able to support the Information Systems Security Managers (ISSMs) by interacting with developers, System Information Systems Security Officers (ISSOs), Information Systems Security Engineers (ISSEs), Code Reviewers, and Validators.
- Able to resolve Security Technical Implementation Guide (STIG) and security control findings and update the Plan of Action and Milestones (POA&Ms) spreadsheet as directed by the Government. Track, monitor and evaluate all related Information Assurance Vulnerability Management (IAVMs) from identification through closeout.
- Experienced in developing and maintaining the Risk Management Framework (RMF) package, including maintaining the system/program artifacts (compelling evidence), assigning security controls based on the system categorization as required by Committee on National Security Systems (CNSS) 1253 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60, Volume II, ensuring the system/program is properly registered in eMASS, identifying the system/program RMF Team members, and initiating the RMF System Security Plan (SSP).
- Experienced in validating assigned Security Controls, including executing the SSP, coordinating validation activities, and compiling the status of the validation results in the RMF Scorecard.
Job Category: Experienced Information Security System Officer to Support (ISSO)