RedTrace Technologies Inc

Cloud Information System Security Officer (ISSO) - Senior Level (TS required, eligible for SCI)

Washington, DC
Full Time
Experienced

SECURITY CLEARANCE REQUIREMENT: TS, WITH SCI ELIGIBILITY

***POSITION REQUIRES US CITIZENSHIP***

Program Description:

The program provides support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a federal customer. The contract’s support functions are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support.


Position Description:

We are seeking a Senior Cloud ISSO to carry out the following duties and responsibilities:

  • Services to support IS Security performed by the Senior Cloud Information System Security Officer (ISSO) at a minimum, shall consist of to the following activities:
  • Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS
  • Provide liaison support between the system owner and other IS security personnel
  • Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle
  • Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis
  • Conduct required IS vulnerability scans according to risk assessment parameters.
  • Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities
  • Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs)
  • Coordinate system owner concurrence for correction or mitigation actions
  • Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO)
  • Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase
  • Ensure that changes to an agency IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)
  • Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR
  • Provide baseline security controls to the system owner, contingent upon the IS’s security categorization, type of information processed and entity type
  • Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems’ impact levels and ISs’ authorization boundary
  • Ensure that new entities are created in the GRC application with the security categorization of agency ISs
  • Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreement (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS
  • Perform an independent review of the System Security Plan (SSP) and make approval decisions
  • Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official
  • Schedule security control assessments in coordination with the system owner.
  • Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision
  • Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number
  • Advise the agency Authorizing Official of IS vulnerabilities and residual risks.
  • Ensure that all POA&M actions are completed and tested
  • Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official
  • Ensure the removal and retirement of agency ISs being decommissioned, in coordination with the SO, ISSM, ISSE, and ISSR


Qualifications: 

Required: 

  • Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
  • Must be a U.S Citizen
  • At least 5 years serving as an Information Systems Security Officer (ISSO) at a cleared facility
  • Minimum of 5 years of work experience in a computer science or Cybersecurity related field
  • Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications
  • Cloud computing certification (ie AWS, Azure, Google Cloud, or vendor agnostic (CCSK, CCSP, Cloud+)
  • Hold at least one of the following certifications:
    • Certified Information Systems Security Professional (CISSP)
    • Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level III proficiency

Desired:

  • A bachelor’s and/or advanced degree in computer science, business management, or IT-related discipline


Employee Benefits:

  • Competitive salary for well qualified applicants
  • 401(k) plan
  • Annual performance bonus
  • Certification and advanced degree attainment bonuses
  • Student Loan / Tuition reimbursement
  • Health Care Insurance (medical, dental, vision)
  • Up to four weeks of paid vacation
  • 11 Federal Holidays, and 3 Floating Holidays
  • Team bonding events


RedTrace Technologies is an EOE employer.

Share

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026
Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please check one of the boxes below:

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Human Check*