TekSynap is seeking an INFORMATION SYSTEMS SECURITY OFFICER (ISSO) for an exciting opportunity in New Orleans, Louisiana.
The ISSO must hold a nationally recognized security certification (e.g. CISSP, CCSP, CSSLP) and have 5+ years of experience equivalent to performing the duties of an ISSO. The ISOO performs the following roles, responsibilities and activities:
- Functions as the program System Owner’s IT security expert.
- Advises the system owner (SO) regarding security considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e., life cycle management). Reports any possible program weakness/vulnerability to the SO
- Assists in the determination of an appropriate level of security commensurate with the level of sensitivity. Coordinates with all stakeholders to ensure that the programs major application maintains confidentiality, integrity and availability.
- Assists in the development and maintenance of security and contingency plans for the program.
- Participates in security impact analysis to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
- Participates in security impact analysis of system safeguards and program elements and in authorization and assessment (A&A) of the system for continuous monitoring.
- Meets routinely with the SO to review POA&M (Plan of Actions and Milestones) status.
- Generate draft POA&Ms as needed
- Keep Customer Management abreast of any POA&M issues that affect completion dates
- Issue WCVFs (Weakness Completion Verification Form) to officially close out POA&Ms
- Ensures that the program system documentation in CSAM is current including but not limited to:
- System Identification
- Information Types
- Appendices including but not limited to
- Program PIA (Privacy Impact Assessment)
- PTA (Privacy Threshold Analysis) as needed
- Program BIA (Business Impact Analysis)
- Assessment/Risk reports
- Contingency Plan updates and test results
- Accreditation memos and Authority to Operate (ATO) memos.
- Generate and upload a signed copy of the Program SSP
- Points of Contact
- Ensure that POA&Ms are entered correctly and updated regularly
- Is the point of contact (POC) for all security incidents involving the program and reports Computer Incident Response Team (CIRT)
- Handles and investigates incidents in cooperation with and under direction of the SO and CIRT.
- Provides oversight of vulnerability scanning and assists in penetration testing of systems/networks.
- Ensures all user accounts are disabled within 24 hours of notification of user’s separation from the agency and immediately for individuals being separated for adverse reasons.
- Monitors and reviews security policy, practices, and procedures.
- Ensures the security of all interfaces between the program and external systems, develop and maintain interconnection documentation (ISA, SLA, MOU, and MOA).
- Responsible for maintaining a security certification as specified by policy.
- Responsible for taking annual role-based security training commensurate with the role and keeping security knowledge current.
- Represents program Security in all meetings including but not limited to:
- CMB (Change Management Board)
- Development and Operations Meetings
- Development elaborations and sprints
- Supports the Customer CDM (Continuous Detection and Mitigation) Program
- Ensures that CDM metrics are properly collected
- Update CDM documentation as required
- Coordinate CDM Data Calls
- Ensures that the program Control Allocation Table and Trigger Logs are kept up to date.
- Participates in the Authority to Deploy (ATD) process
- Ensures that deployments do not present unmanageable risks to the Government.
- Reviews all scans
- Works with developers and administrators to address mitigation of findings
- Ensures that the ATD form is completely and accurately filled out.
- Approves deployment of any hardware/application that is shown to be low or no risk to the Government.
- Ensures that all program development meets appropriate NIST SP800-53 controls.
- Bachelor's degree in Computer Science, Computer Engineering, Information Systems and/or equivalent work experience
- 5+ years of Experience performing the duties of an ISSO
- Nationally recognized security certification (e.g. CISSP, CCSP, CSSLP)
- Candidate must have or be able to obtain and retain a satisfactory DOI background investigation. Candidates must be US Citizens or hold a Green Card and a resident of the US for the previous 3 years with no longer than a 90 day absence.
At TekSynap, our employees are our most valuable asset, and we are personally committed to ensuring you and your family stay healthy, feel secure and enjoy a positive work/life balance. Our Managers, HR Team and Senior Leadership are equally dedicated to enabling our workforce to focus on supporting our customers.
We have assembled a variety of effective and dependable benefit plans, backed by some of the industry’s most reputable providers. Our promise to you is that we will continue to refine and improve our benefits offerings, keeping pace with industry trends and innovations, and ultimately, to maximize their effectiveness and value for you – our most valued asset.
- Medical Insurance
- Dental Insurance
- Vision Insurance
401(k) Plan - No Vesting Period
Life and Accidental Death & Dismemberment
Short Term Disability
Long Term Disability
529 College Savings Plan and Student Loan Repayment with Employer Match
Educational Assistance Program
Pet Assure & PET Plus Discount Plans
WORK/LIFE BALANCE AND REFERRAL PROGRAM
Paid-Time Off (PTO)
10 Federal Holidays
Flex time within Pay Period
$5000 Vacation Award after every 5 years of employment
Employee Referral Program
Visit us at www.TekSynap.com. Apply now to explore jobs with us!
- Establish Focus
- Change Management
- Develop Others
- Oral Communication
- Written Communication
- Interpersonal Awareness
- Build Relationships
- Analytical Thinking
- Conceptual Thinking
- Strategic Thinking
- Technical Expertise
- Foster Innovation
- Results Oriented
- Customer Service
WORK ENVIRONMENT AND PHYSICAL DEMANDS
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
- Location: New Orleans, LA
- Type of environment: Office
- Noise level: Medium
- Work schedule: Schedule is Monday – Friday. May be requested to work evenings and weekends to meet program and contract needs.
- Amount of Travel: Less than 10%
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus.
WORK AUTHORIZATION/SECURITY CLEARANCE
Candidate must have or be able to obtain and retain a satisfactory DOI background investigation. Candidates must be US Citizens or hold a Green Card and a resident of the US for the previous 3 years with no longer than a 90 day absence.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
EQUAL EMPLOYMENT OPPORTUNITY
In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment.