Information Systems Security Officer

Recro, a Certified Small Business, helps federal agencies achieve their goals through IT infrastructure, cybersecurity, DevOps, cloud services, and digital transformation. We prioritize innovation, employee growth, and a collaborative work environment, guided by our core value - to make a difference.

Currently, Recro is seeking a motivated, career and customer oriented ISSO to join our team in Ft. Meade, MD .

Clearance

• TS/SCI (FS Poly)

Overview/Responsibilities:

The candidate will be responsible for security architecture and systems engineering supporting projects (primarily MFAMS, TITUS and JBlocks). The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).

• Prepare system security plan (SSP) and provide recommendations to assist in obtaining ATOs.
• Identify, develop (either directly, or in coordination with applicable experts), review and incorporate common artifacts found in an RMF accreditation package such as: system architecture and boundaries, hardware and software lists, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation.
• Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
• Verify package submissions have met the threshold for approval such as: C&A Package for System Reauthorization, SAR Findings, CTO's, POA&Ms, and System Security Plans (SSPs).
• Apply continuous monitoring techniques to evaluate the systems security posture.
• Create tasking for developers and system administrators as changes and patching are required.
• Oversee the implementation of software patches to maintain the security posture of the organization.
• Responsible for implementing, and enforcing information systems security policies, standards, and methodologies.
• Familiarity with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document compliance.
• Review Audit Logs on a weekly basis.
• Perform Data transfers on a weekly basis driving from CACI Hanover Office to Ft. Meade.
• Maintain and report assessment and authorization statuses and issues in accordance with organizational guidance.
• Understand the PRIVAC process. Support personnel with new PRIVAC requests and extensions.

Required Qualifications:

System Administrator Level 1 LCAT:

• Bachelor's degree in a technical discipline from an accredited college or university
• Seven (7) years relevant work experience. Four (4) years of additional experience may be substituted for a bachelor's degree.
• At least four (4) years of this experience must be as an ISSO on programs and contracts of similar scope, type, and complexity.

ISSO Level 2 LCAT:

• Bachelor's degree in Computer Science or related discipline from an accredited college or university
• Ten (10) years experience as an ISSO on programs and contracts of similar scope, type, and complexity is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor's degree.

Required Skills:

• Experience is to include at least two (2) of the following areas:
• Knowledge of current security tools
• Hardware/software security implementation
• Communication protocols
• Encryption techniques/tools.
• Experience with:
• The ICD 503/NIST 800-53 certification and accreditation process
• The Risk Management Framework
• Developing and maintaining SSPs
• IAVA review and handling
• Interpreting Security Scan results
• Interfacing with System Administrators and Software Engineers
• Task tracking systems (e.g. Jira, Redmine, ServiceNow)
• Understands:
• Public Key Infrastructure-based authentication
• A variety of security policies, especially within the IC
• fundamentals of technical security risk assessment
• Understands how to perform analysis of alternative
• Able to clearly communicate ideas and status updates to management and other stakeholders
• This position has been designated as requiring IAM Level 1 CWIP certification and requires one of the following baseline certifications to qualify
• CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP, CASP+CE, CISM, CISSP (or Associate), CCISO

Benefits at Recro

• 100% paid medical, dental, and vision
• 401k - 6% matching and 401k profit sharing
• PTO - 120 Hours
• Federal Holidays
• Education and Tuition Reimbursements
• Wellness Benefits
• A lot of cool gear!

Working at Recro

• A Great Culture - We are building a culture at Recro where amazing people (like you) can do their best work. If you are ready to grow your career and recro (re-invent) the way our clients operate, you have come to the right place.
• A Great Place to Work - Employees are treated like people, not line items. We work smart when we can and hard when we must but we always do it together, as a team. We are a team with tons of passion and enthusiasm to blaze new trails and improve the state of our clients, the broader community, and even the world.
• A Great Place to Contribute - We believe diverse perspectives improve each challenge that we face. We trust and enable our amazing people to accomplish amazing feats. At Recro, you will be empowered to deliver your best work.
• A Great Place to Grow - We believe in our people and maximizing your potential. At Recro, we continue to look into the future and invest in each other through teamwork, collaboration, and training.