Senior Information System Security Officer

<p><span style="font-family: helvetica, arial, sans-serif;">Join our team at Core One! Our mission is to be at the forefront of devising analytical, operational and technical solutions to our Nation's most complex national security challenges. In order to achieve our mission, Core One values people first! We are committed to recruiting, nurturing, and retaining top talent! We offer a competitive total compensation package that sets us apart from our competition. Core One is a team-oriented, dynamic, and growing company that values exceptional performance!</span></p> <p><span style="font-family: helvetica, arial, sans-serif;">Core One is seeking<strong> Senior Information System Security Officer</strong> to support a new application development project in the IC. This position requires a <strong>TS/SCI w/ Poly</strong> clearance.</span></p> <p><span style="font-family: helvetica, arial, sans-serif;">The Senior Information System Security Officer is responsible for implementing and maintaining cybersecurity controls, ensuring compliance with federal regulations, and guiding information systems through the Customer’s A&amp;A process. This role requires a deep understanding of federal cybersecurity standards, proactive engagement with stakeholders, and the ability to operate independently in a fast-paced environment.</span></p> <p><span style="font-family: helvetica, arial, sans-serif;"><strong>Key Responsibilities:&nbsp;</strong></span></p> <ul> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Lead and execute activities across all RMF phases (Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor).</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Develop, review, and maintain accreditation artifacts including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessments, and POA&amp;Ms.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Monitor compliance with NIST 800-53, 800-171, ICD 503, FedRAMP, FISMA, and agency-specific policies. Prepare for and support audits, inspections, and assessments.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Conduct vulnerability scanning, compliance checks, risk assessments, and remediation tracking using tools such as Nessus or Tenable.sc.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Create and maintain security documentation, continuous monitoring strategies, incident response plans, and compliance reports. Provide briefings and status updates to leadership and Authorizing Officials.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Collaborate with system owners, engineers, and developers to ensure security is integrated into design, development, and operations.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Support investigation, response, and remediation of security incidents.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Manage account recertifications, access reviews, and deliver security awareness training at the system level.</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;">Serve as the primary cybersecurity point of contact for assigned systems, ensuring clear communication with internal and external stakeholders.</span></li> </ul> <p><span style="font-family: helvetica, arial, sans-serif;"><strong>Required Qualifications&nbsp;</strong></span></p> <ul> <li style="font-family: helvetica, arial, sans-serif;"><span class="TextRun SCXW125394537 BCX8" lang="EN-GB" data-contrast="auto"><span class="NormalTextRun SCXW125394537 BCX8">Bachelor’s Degree, or more advanced degree, in Information Technology, Computer Science, Cybersecurity, Computer Engineering, or Information Systems or related field</span></span><span class="EOP SCXW125394537 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span class="TextRun SCXW68687641 BCX8" lang="EN-GB" data-contrast="auto"><span class="NormalTextRun SCXW68687641 BCX8">5+ years of cumulative experience spanning IT systems administration, cybersecurity compliance, IT system troubleshooting, and incident </span></span><span class="EOP SCXW68687641 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:276}">&nbsp;</span></li> <li style="font-family: helvetica, arial, sans-serif;">6+ years of experience in a role such as Information Systems Security Engineer (ISSE), accrediting Sponsor programs</li> <li style="font-family: helvetica, arial, sans-serif;"><span class="NormalTextRun SCXW218882466 BCX8">Experience with completing new system(s) authorization and accreditation through the Sponsor’s Authorization and Accreditation (A&amp;A) processes, procedures, security requirements, and systems (</span><span class="NormalTextRun SCXW218882466 BCX8">e.g.</span><span class="NormalTextRun SCXW218882466 BCX8"> Greenlight)</span><span class="EOP SCXW218882466 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span class="EOP SCXW218882466 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}"><span class="TextRun SCXW17696205 BCX8" lang="EN-GB" data-contrast="auto"><span class="NormalTextRun SCXW17696205 BCX8">Experience using the Sponsor’s A&amp;A process to accredit systems built on C2E or C2S Amazon Web Services</span></span> </span></li> <li style="font-family: helvetica, arial, sans-serif;"><span class="NormalTextRun SCXW267595056 BCX8">Experience in security policy, counterintelligence, and security controls</span></li> <li style="font-family: helvetica, arial, sans-serif;"><span class="NormalTextRun SCXW228604331 BCX8">TS/SCI w/ Poly Clearance</span><span class="EOP SCXW228604331 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></li> </ul> <p><span style="font-family: helvetica, arial, sans-serif;"><strong>Desired Qualifications:</strong></span></p> <ul> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;"><span data-contrast="auto">Certified in AWS or equivalent cloud technology</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}"><span class="TextRun SCXW186308652 BCX8" lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW186308652 BCX8">Security+, Certified Information System Security</span></span><span class="EOP SCXW186308652 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}"><span class="TextRun SCXW189004980 BCX8" lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW189004980 BCX8">Professional (CISSP), Certified Information Security</span></span><span class="EOP SCXW189004980 BCX8" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}">&nbsp;</span></span></li> <li style="font-family: helvetica, arial, sans-serif;"><span style="font-family: helvetica, arial, sans-serif;" data-ccp-props="{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559739&quot;:240,&quot;335559740&quot;:240}"><span class="TextRun SCXW135068157 BCX8" lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW135068157 BCX8">Manager (CISM), or equivalent</span></span></span></li> </ul> <p><span style="font-family: helvetica, arial, sans-serif;"><em>Core One is an&nbsp;Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation,&nbsp;national origin, or protected veteran status and will not be discriminated against on the basis of disability.</em></span></p> <p><span id="__symantecMPKIClientDetector" style="display: none;">__PRESENT</span></p> <p><span id="__symantecMPKIClientDetector" style="display: none;">__PRESENT</span></p> <p><span id="__symantecMPKIClientDetector" style="display: none;">__PRESENT</span></p>