Nisga'a CIOPS provides hands-on experienced services to civilian and DoD programs worldwide. Delivering highly skilled, cleared personnel who provide services on five continents for a portfolio of customers.

Summary:

The following Information Systems Security Officer (ISSO) support services shall be provided to the Federal Bureau of Prisons. The contractor, serving as the ISSO, shall prepare and maintain correct, thorough, and timely inputs to accreditation packages and critical documents that stipulate concepts, requirements, continuity, and contingency in accordance with current network accreditation processes.

Essential Job Functions:

Provide analyses and decision support information for the A&A to make system/network risk management determinations for an Authorization to Operate (ATO).
• Provide draft inputs to security policies and guidance, based on Government requirements and industry best practices.
• Provide artifacts and information required for audits and inspections.
• Develop and maintain matrices to track and analyze trends in IA readiness and compliance.
• Manage and track all Plan of Action and Milestones (POA&Ms) created by the organization to address identified weaknesses, vulnerabilities, and audit/assessment findings from creation to closure.
• Coordinate and implement Information Operations Conditions (INFOCON) measures as necessary.
• Utilize tools and tracking mechanisms that shall automate reporting and data collection of Information Security (INFOSEC) associated vulnerabilities.
• Provide continuous monitoring of all enterprise-managed assets.

Necessary Skills and Knowledge:

• In-depth knowledge of cybersecurity principles, practices, technologies, and regulatory requirements.
• Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.
• Possesses demonstrated expertise in and capability to perform full range of Information System Security to include:
  • Assist in identifying, implementing, and assessing security, privacy, and common controls.
  • Work with system stakeholders to develop the SSPP, SAR, ISCP, Incident Response Plan (IRP), Configuration Management Plan (CMP), MOU/A, Interconnection Security Agreements (ISA), POA&Ms, and related information system documentation to include ISO memos, Project Plan, FIPS 199, System Security Plan (SSP) and control plans.
  • Ensure common controls are available for inheritance by other information systems.
  • Ensure systems operate, maintain, and dispose of information and data per DOJ policies and procedures.
  • Report and support the SO with all security-related incidents.
  • Monitor system recovery processes and ensure proper information system security features restoration.
  • Perform security and privacy control assessments and information security continuous monitoring (ISCM) per DOJ's frequencies.
  • Serve as a Configuration Control Board (CCB) member to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented.
  • Complete the security impact assessment for any system-related change that could affect the security posture of the information system.
  • Address information system security requirements during all phases of an information system lifecycle.
  • Review system audit logs, maintain evidence of review, and report completion of audit log review to the SO.
  • Review and analyze automated scan results and work with stakeholders to document remediation activities.
  • Monitor the security posture of the information system and report any anomalies.
• Proficiency with Microsoft Office Suite.

Minimum Qualifications:

• Bachelor's degree in computer science, information technology, cybersecurity, or a related field. Experience equivalency will be considered if no degree.
• Minimum of 7 years of experience in information security, with at least 2 years in a leadership or managerial role.

Preferred Qualifications:

• Master's degree in a related field.
• Professional certifications in cybersecurity (e.g., CISSP, CISM, CompTIA Security+) preferred.
• Active Secret Clearance.

The salary range for this position is $120,000 - $135,000 per year.

Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.