Information System Security Officer; ISSO Security Clearance

Information System Security Officer (ISSO) with Security Clearance

GRVTY is a defense, intelligence and homeland security solutions provider dedicated to advancing America’s strategic position.

• Robust health plan including medical, dental, and vision
• Health Savings Account with company contribution
• Paid Time Off and Paid Holidays
• Paid Parental Leave
• 401(k) with generous company match
• Training and Development Opportunities
• Award Programs
• Company Sponsored Events

• Develop and coordinate all authorization documentation including the Systems Categorization, Systems Security Plan and Systems Risk Assessment.
• Support control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system.
• Assist components with staying on track with Core Controls and A-123 control assessment schedules.
• Work with components to ensure each Risk Based Decision (RBD) has a current Waiver.
• Coordinate with CSS Customer Liaison support, including status of the process and POA&M.
• Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
• Develop or update the Business Continuity and Contingency Plan for the component.
• Assist components with decisions that affect security of their systems and networks.
• Facilitate preparations for the tri-annual Security Assessment and Authorization (SA&A) component’s Information System.
• Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation.
• Review information system infrastructure and application architecture to assess security requirements.
• Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools).
• Assess NIST 800-53, Rev 4 controls and document results.
• Evaluate and strengthen standard SA&A documentation.
• Perform and document risk assessments, analyzing security vulnerabilities and metrics to measure the risks associated with those vulnerabilities.
• Develop and document a Plan of Action and Milestones (POA&M) for mitigating risks based on risk profile.
• Design and develop comprehensive Systems Security Plan covering infrastructure, policies and procedures.
• Develop Systems Security User Guides specific to selected networks, desktop computers, servers and database systems.
• Design, develop and validate System Test and Evaluation (ST&E) reviews for new and legacy systems.
• Review and conduct NIST-based Self Assessments identifying weaknesses and developing POA&M for each weakness.
• Design and develop Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIA) for each major Federal Government IT system.
• Conduct OMB A-123 security assessments of Federal Government IT systems.

• Bachelor’s Degree in Computer Science or related discipline, or equivalent combination of education, certifications, and experience.
• 8+ years performing systems security assessments, preparing system security documentation, and performing security upgrades for live networks, desktop systems, servers, and enterprise databases.
• 8+ years assessing and enhancing IT systems security policies and procedures in response to regulatory requirements.
• 8+ years IT security experience with extensive knowledge of security regulations and assessments, having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems.
• Strong working knowledge of NIST Special Publications and the NIST SP 800-37 SA using CSAM system.
• TS/SCI clearance required with eligibility to obtain/maintain CI Poly.
• Current certification in one or more of: CISA, CRISC, CISM, CGEIT, CISSP, CAP.

GRVTY is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran and will not be discriminated against on the basis of disability. Anyone requiring reasonable accommodations should email or call 703‑544‑7930 with requested details. A member of the HR team will respond to your request within 2 business days.