Sr. ISSO (IMC00745)
Location: |
Hybrid/Washington, D.C.
|
Travel Required: |
Minimal
|
---|---|---|---|
Level/Salary Range: |
$105,000 - $115,000
|
Position Type: |
Full-Time
|
Date Posted: |
|
Posting Expires: |
Until filled
|
Mandatory Job Requirements: |
|
||
Applications Accepted By: |
Email: Michelle Might, Corporate Recruiter, michelle.might@imcva.com Email Subject Line: Sr. ISSO (IMC00745) |
The senior ISSO will function as a Zero Trust Cyber Analyst supporting and providing expertise to a cybersecurity and privacy program for a government customer serving as an advisor to system owners on all matters, technical and otherwise, involving the Zero Trust and security of an information system.
Work Location: Hybrid work requirement, with up to one day required onsite in Washington, D.C., and the balance of the week performed remotely, based upon the needs and directions of the customer.
Essential Duties and Responsibilities: This position will include, but is not limited to, the following tasks:
- Help to implement and refine Zero Trust security strategies and roadmaps based on organizational requirements, industry best practices, and emerging threats.
- Help to convey network segmentation strategies that enforce least privilege access controls and limit lateral movement of threats within the network.
- Assist with the development of workflows to streamline Zero Trust enforcement.
- Collaborate with security architects and engineers to review and enhance the security architecture to align with Zero Trust principles and best practices.
- Ensure that the policies, procedures, and architecture of Zero Trust are aligned with applicable federal policies and guidelines that govern the implementation of zero trust and overall improvement of cybersecurity operations (e.g. Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity (14028).
- Prepare technology briefs and recommendations for customer stakeholders.
- Assist with the creation and maintenance of cyber security architecture documentation.
- Assist with updates and maintaining the Zero Trust Implementation Plan to include phases and timelines.
- Perform systems analysis of Zero Trust maturity level and collaborate with Tech personnel on recommendations to achieve optimal maturity.
- Provide weekly reports of progress towards completing the Zero Trust Implementation Plan.
- Other duties as assigned.
Basic Required Qualifications and Skills: Note: These are mandatory items that all candidates must have when submitting an application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.
- Bachelor’s degree in business, information technology, or related field of study.
- Minimum 10 years’ experience in cybersecurity or information assurance.
- At start date, must possess one of the following professional certifications in ACTIVE status: CISM, CISSP, or GSLC.
- Knowledge of the following:
- NIST Cybersecurity and Risk Management frameworks and associated requirements.
- Risk management processes (e.g., methods for assessing and mitigating risk).
- Cybersecurity/privacy principles and cyber threats and vulnerabilities.
- Risk management.
- Continuous monitoring.
- Reviewing scan results.
- Audit log reviews.
- Change management.
- Vulnerability management.
- Incident response.
- Handling of privacy-related and sensitive data.
- Excellent attention to detail (thoroughness, accuracy, and consistency) ability for all team work products.
- Ability to work with and communicate effectively across multi-functional teams and audiences of varying seniority and expertise.
- Pursuant to a government contract, this specific position requires U.S. Citizenship.
- Must possess or be able to obtain a federal background investigation of Tier 2 Critical Non-Sensitive (Form SF 85P).
Desired Qualifications and Skills: It is desirable that the candidate have the following qualifications:
- Experience in Health and Human Services as a Government employee or contractor.
Salary and Benefits Information: Please see the salary information listed at the beginning of this document, which is not a guarantee of compensation or salary. All salaries will be based on relevant experience, geographic location, and position and/or contractual requirements, which could fall outside of the listed range. For more information about IMC’s benefits, please visit our website at https://www.imcva.com/about-imc/careers.
Background Information:
Innovative Management Concepts, Inc. (IMC), a Service-Disabled Veteran-Owned Small Business, provides a broad range of information technology IT services to government and commercial customers by placing a high priority on modernization, enhancing business processes through technology, and creating efficiencies through automation. Since its founding in 1989, IMC has offered solutions and expertise in: IT operations and maintenance, data management, cyber security, systems and network engineering and administration, cloud/hosting services, software development, website services, software quality assurance and testing (including IV&V), and project management. IMC is certified in International Organization for Standardization (ISO) 9001 Quality Management, ISO 27001 Information Technology Security Management, ISO 20000 Information Technology Service Management, and ISO 14001 Environmental Management System. Committed to continuous improvement and information security, IMC has been appraised at level 3 of the CMMI Institute’s Capability Maturity Model Integration for both Development and Services and we are CMMC Level 2 (Ver 2.0) compliant. Find out more about IMC at www.imcva.com.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.