About the role
Hunter Strategy is hiring for an Information Systems Security Officer (ISSO) to support the National Institutes of Health (NIH), Office of the Director (OD)’s A&A program in a Remote capacity. This program leads the design and implementation of the future network architecture as well as provides operations and maintenance (O&M) support for network systems, p[rogram areas, cloud deployments, and devices required to provide secure and always-on infrastructure services in a 24x7 environment including, change management and cybersecurity.
What you'll do
- Develop, Implement, and enforce information systems security plans, policies, standards, and methodologies across various IT system deployments in accordance with NIST 800-53 and FISMA requirements.
- Engage with required federal stakeholders to assist with ATO package development.
- Ensures compliance of policies are place.
- Draft and maintain ATO artifacts.
- Develop and evaluate security solutions to ensure they meet security requirements for processing information in accordance with NIST 800-37.
- Maintain operational security posture for an information system or program.
- Assist with pre-assessment, development and implementation of programs and controls set in place to preserve the integrity and security of sensitive data and information stored.
- Review Program information security systems and recommend improvements/solutions.
Qualifications
- Bachelor’s Degree in Computer Science, Information Systems, Engineering or other related discipline.
- 5 years of ISSO experience
- Comp TIA Security +
- FedRAMP and Cloud Understanding and Expertise (AWS Preferred).
- Possess the knowledge of security best practices, security solutions, and methodologies for risk management.
- Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Demonstrated experience working in large Federal agency preferably in HHS.
- Technical understanding of core current cybersecurity technologies as well as emerging capabilities
- Thorough knowledge of network security concepts with application knowledge of various enterprise security technologies, Security Information and Event Management.
Clearance Requirement
- Must be able to obtain and maintain a Public Trust security clearance.