Information System Security Officer (ISSO) (AWS Cybersecurity)

The AWS Security Engineer, Information System Security Officer (ISSO) is part of the PERATON DHS’ Security team and plays a Cybersecurity operational compliance role within the Citizen Security and Public Services Sector (CS&PS). The ideal candidate will become part of Peraton’s Department of Homeland Security (DHS) Datacenter Consolidation and Cloud Optimization (DCCO) program providing ISSO support to the DHS Homeland Advanced Recognition Technology (HART) biometric system. The position is responsible for performing as a named ISSO for a Government Systems and assisting other ISSOs with end-to-end Governance Risk and Compliance (GRC) functions that entails security control implementation, continuous monitoring, and federal Assessment and Authorization (A&A) activities. 

Day to Day Work Responsibilities: 

• Works closely under the supervision of Cybersecurity Manager and with other security personnel within Peraton CS&PSS Sector to ensure operational security measures are implemented. 

• Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.  

• Reviews and continuously monitors implemented security controls.  

• Creates and maintains security checklists, templates, and other tools to aid in the A&A process.  

• Performs security control assessment using Agency guidelines/NIST guidance and as per continuous monitoring requirements. 

• Performs risk analyses to determine and recommends essential safeguards. 

• Proactively mitigates system vulnerabilities and recommends compensating controls. 

• Contributes vulnerability information in development of core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc. 

• Maintains client-specific vulnerability-based Plan of Action and Milestones and supports remediation activities. 

• Maintains an inventory of hardware and software for the information system. 

In a typical engagement, the ISSO operates as a trusted advisor in the organization, working with senior management and focusing specifically on the security environment in relation to client business objectives. The ISSO helps to understand operational issues and plans the next steps in collaboration with Cybersecurity Manager from an information security viewpoint. The position will be able to demonstrate industry expertise and thorough understanding of security governance, vulnerability assessment, risk and compliance domains.  This position requires the ability to interact and influence at an organizational level to carry out governance, risk and compliance activities. 

Basic Qualifications:

• High school diploma and 5 years of Information Technology experience. 
• U.S. citizenship and the ability to obtain/maintain a U.S. government agency level clearance (the DHS EOD, which you must have prior to starting). 
• Must have 5+ years of experience as a NAMED ISSO for a Govt System(s); preferably within the DHS/DHS Components 
• Excellent communication skills, self-motivated and tenacious, demonstrate sound judgment and integrity 
• Knowledge of the security countermeasures and overall RMF and NIST compliance guidelines  
• Ability to influence OCISO Delivery system stakeholders in the execution of security and compliance requirements.
• Experience working with the National Institute of Standards National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) requirements and reporting. 
• Experience in managing security Certification and Accreditation activities utilizing common control frameworks. 
• Experience with risk mitigation and selecting or designing appropriate security controls for implementation. 
• Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings.  
• Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and FedRamp cloud environments 
• Experience with Tenable, Palo Alto, or other cloud-based infrastructure vulnerability scanning platforms. 
• Experience in coordinating, monitoring and tracking security activities across multiple organizations. 
• Experience in managing security posture of cloud environment, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement. 
• Demonstrated understanding and experience with DevSecOps

Knowledge of Federal Government Security, industry and market trends and CS&PSS business and offerings

• Understands federal security and regulations. 
• Understands DHS’ Security Policy and has in-depth knowledge of DHS’ Security Policy 4300a.

Preferred Qualifications:

• Bachelors degree and 5 years of experience or a HS Diploma and 9 years of experience.

• Preferred Certifications:  CISSP or CISM; At least one Cloud Security Certification: AWS Security Professional; CCSP; CCSK, CISA, CRISC, GSEC, ComTIA Sec+ 

• Experience of working with Federal Information Processing (FIPS), FISMA, FedRAMP and Other Cyber Security related laws, regulations and directives 

• Experience with cloud-based infrastructure vulnerability scanning platforms 

• Experience of presenting at client meetings 

• Experience of translating contractual security requirements to deliverables.