ISSO - Vienna, VA

Job Description

Job Description

JOB DESCRIPTION
Watershed Security is seeking a qualified Information System Security Officer, Lead, to manage the team of ISSOs in a law enforcement environment and providing subject matter expertise in securing DEVSECOPS CI/CD pipelines and overseeing RMF activities from Prepare to ATO achievement & Continuous Monitoring.

REQUIRED QUALIFICATIONS

• Must have a TS/SCI with Counterintelligence Polygraph
• Demonstrate expertise in systems security requirements and policy.
• Demonstrate expertise in incident response and management.
• Demonstrate experience and knowledge with security frameworks and standards such as NIST, ISO 27001, and CIS Controls.
• Demonstrate experience and knowledge of security technologies, tools, and methodologies (e.g. firewalls, IDS /IPS, SIEM systems).
• Demonstrate experience and knowledge with cloud security frameworks and associated controls.
• Demonstrate experience and knowledge with system engineering and principles and practice.
• Demonstrate experience and knowledge with system engineering and principles and practice.
• Demonstrate experience and knowledge with secure software development lifecycle methodologies.
• Demonstrate experience and knowledge with risk assessments, threat modeling, and vulnerability management.
• Demonstrate experience and knowledge with secure architecture design and implementation.
• Demonstrate experience and knowledge with integrating security controls into system development.
• Demonstrate experience and knowledge with designing and implementing secure system architectures.
• Work is onsite in Vienna, VA, Monday - Friday 8am-5pm

DESIRED QUALIFICATIONS

• Five (5) years of ISSO experience.
• Experience securing cloud-native systems, implementing security gates om CI/CD, or managing AI/MIL model risks within federal or mission critical settings. Conduct risk assessments and vulnerability assessments to identify, evaluate, and prioritize security risks to the organizations information systems.
• Identify information protection needs for an information system and Network Environment.
• Define IS and Network Environment security requirements in accordance with applicable cybersecurity requirements.
• Design and develop cybersecurity-enabled products for use within an information system and network environment.
• Integrate and/or implement security with Cross Domain Solutions (CDS) for use within an information system and network environment.
• Develop and implement security designs for new or existing network system(s), include system deployed into the cloud. Ensure that the design of hardware, operating systems, and software applications adequately address cybersecurity requirements and implementation of EO14028 for the information system and network environment.
• Design, develop, and implement network security measures that provide confidentially, integrity, availability, authentication, and non-repudiation.
• Shall design, develop, and implement specific cybersecurity countermeasures for the information system and network environment.
• Develop interface specifications for the information system and network environment.
• Develop approaches to mitigate information system and network environment vulnerabilities and recommend changes to network or network system components as needed.
• Ensure that network system(s) designs support the incorporation of FBI directed cybersecurity vulnerability solutions.
• Design, develop, and implement cybersecurity capability into the CI/CD pipeline.
• Assist with other duties as assigned in the unit.
• Operate within Risk Management Framework, including Step 1-6, and ensure ongoing compliance through Continuous Monitoring.
• Design and implement security controls and validate their effectiveness.
• Configure and execute Nessus scans, interpret results, and feed findings into POA&M and risk analysis processes.
• Support system design reviews, architecture security assessments, and integrate security from requirements through sustainment.
• Secure cloud-based architectures (AWS, Azur, etc.) integrate security into CI/CD pipelines (DevSecOps), and apply NIST and DoD guidance AI tools and services in cloud environments.
• Able to work in a 24/7 operational environment.

PAY RANGE
Final salary is influenced by factors such as location, contract labor categories, experience, skills, education, and certifications. Watershed offers competitive compensation, medical and dental benefits, educational reimbursement, 401K plans with matching, 15 days of PTO to start and 11 paid holidays per year. The proposed salary range for this position is: $107,500 - $117,500 USD

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Powered by JazzHR

Q3rA8tnfJ0