Yesterday
Top Secret
Unspecified
Unspecified
IT - Security
Suitland, MD (On-Site/Office)
Tyto Athene is searching for an ISSO to support a Government Program Management Office in Suitland, MD.
Responsibilities:
* Provide cybersecurity engineering support as part of the system development life cycle (SDLC). Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment.
* Apply the cybersecurity risk management framework (RMF) to program information systems in accordance with NIST SP 800-37, DoDI 8510.01, and ICD-503.
* Implement the RMF life cycle steps to achieve system authorization and operation. Build, maintain, and track system's cybersecurity baselines and security authorization documentation using both eMASS and Xacta enterprise platforms.
* Provide support to cybersecurity architecture and assessment & authorization (A&A) processes, ultimately leading to Authority to Operate (ATO) decision.
* Identify and employ cybersecurity best practices for the organization. Create a well-informed plan based on DOD and Navy cybersecurity strategy and manage the adaption process. Incorporate security management into hardware, software, and applications.
* Assist Government managers with information security oversight, policy analysis, IT product acquisition, and program execution in accordance with NIST SP 800-39 and the DoDI 8500.01.
* Engage with Program Managers and technical stakeholders to interpret technical requirements, standards/policies, architectural artifacts, budget development, implementation, auditing, program briefs, and continuous monitoring.
* Perform ACAS scanning, STIG checklist actions, vulnerability assessment/mitigation, implement changes, and review systems to identify potential security weaknesses.
* Prepare documentation including Plan of Action & Milestones (POA&M), Systems Security Plans (SSP), Risk Assessment Reports (RAR), A&A packages, System Requirements Traceability Matrices (SRTM), Annual Security Reviews (ASR), and Security Assessment Reports (SAR).
Required:
* Bachelor's Degree in computer science, cyber security, information systems, or other related technical discipline.
* Six (6) or more years of experience in IT security, including RMF methodology and A&A.
* Active DoD Cyber Workforce IAT Level II certification as a minimum, with specific course completion or renewal certificate.
* Exceptional understanding of DOD cybersecurity policies, RMF steps and structure, A&A process, and gaining system authorization to operate (ATO).
* Some background with Red Hat Enterprise Linux (RHEL) operating system.
* Ability to operate and execute DISA tools, STIG Viewer, eMASSter, and strong familiarity with eMASS and Xacta functionality.
* Strong communication skills with all levels of the IT workforce and can translate complex technical topics for senior decision-makers. Prepare/deliver presentations to leadership.
Desired:
* CISSP, CISA, SSCP, CASP, GSEC, and/or CEH.
Clearance: Active TS clearance with access to SCI as reported in DISS (must have current Tier-5)
Location: Work is located 100% on government site in Suitland, MD
Equal Opportunity Employer: Disability/Veteran
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
* Provide cybersecurity engineering support as part of the system development life cycle (SDLC). Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment.
* Apply the cybersecurity risk management framework (RMF) to program information systems in accordance with NIST SP 800-37, DoDI 8510.01, and ICD-503.
* Implement the RMF life cycle steps to achieve system authorization and operation. Build, maintain, and track system's cybersecurity baselines and security authorization documentation using both eMASS and Xacta enterprise platforms.
* Provide support to cybersecurity architecture and assessment & authorization (A&A) processes, ultimately leading to Authority to Operate (ATO) decision.
* Identify and employ cybersecurity best practices for the organization. Create a well-informed plan based on DOD and Navy cybersecurity strategy and manage the adaption process. Incorporate security management into hardware, software, and applications.
* Assist Government managers with information security oversight, policy analysis, IT product acquisition, and program execution in accordance with NIST SP 800-39 and the DoDI 8500.01.
* Engage with Program Managers and technical stakeholders to interpret technical requirements, standards/policies, architectural artifacts, budget development, implementation, auditing, program briefs, and continuous monitoring.
* Perform ACAS scanning, STIG checklist actions, vulnerability assessment/mitigation, implement changes, and review systems to identify potential security weaknesses.
* Prepare documentation including Plan of Action & Milestones (POA&M), Systems Security Plans (SSP), Risk Assessment Reports (RAR), A&A packages, System Requirements Traceability Matrices (SRTM), Annual Security Reviews (ASR), and Security Assessment Reports (SAR).
Required:
* Bachelor's Degree in computer science, cyber security, information systems, or other related technical discipline.
* Six (6) or more years of experience in IT security, including RMF methodology and A&A.
* Active DoD Cyber Workforce IAT Level II certification as a minimum, with specific course completion or renewal certificate.
* Exceptional understanding of DOD cybersecurity policies, RMF steps and structure, A&A process, and gaining system authorization to operate (ATO).
* Some background with Red Hat Enterprise Linux (RHEL) operating system.
* Ability to operate and execute DISA tools, STIG Viewer, eMASSter, and strong familiarity with eMASS and Xacta functionality.
* Strong communication skills with all levels of the IT workforce and can translate complex technical topics for senior decision-makers. Prepare/deliver presentations to leadership.
Desired:
* CISSP, CISA, SSCP, CASP, GSEC, and/or CEH.
Clearance: Active TS clearance with access to SCI as reported in DISS (must have current Tier-5)
Location: Work is located 100% on government site in Suitland, MD
Equal Opportunity Employer: Disability/Veteran
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
group id: 91085617
