Job DescriptionTyto Athene is searching for an ISSO to support a Government Program Management Office in Suitland, MD.Responsibilities:
- Provide cybersecurity engineering support as part of the system development life cycle (SDLC). Ensure security requirements are integrated into the system architecture, design, development, testing, assessment, authorization, delivery, and sustainment.
- Apply the cybersecurity risk management framework (RMF) to program information systems in accordance with NIST SP 800-37, DoDI 8510.01, and ICD-503.
- Implement the RMF life cycle steps to achieve system authorization and operation. Build, maintain, and track system's cybersecurity baselines and security authorization documentation using both eMASS and Xacta enterprise platforms.
- Provide support to cybersecurity architecture and assessment authorization (A A) processes, ultimately leading to Authority to Operate (ATO) decision.
- Identify and employ cybersecurity best practices for the organization. Create a well-informed plan based on DOD and Navy cybersecurity strategy and manage the adaption process. Incorporate security management into hardware, software, and applications.
- Assist Government managers with information security oversight, policy analysis, IT product acquisition, and program execution in accordance with NIST SP 800-39 and the DoDI 8500.01.
- Engage with Program Managers and technical stakeholders to interpret technical requirements, standards/policies, architectural artifacts, budget development, implementation, auditing, program briefs, and continuous monitoring.
- Perform ACAS scanning, STIG checklist actions, vulnerability assessment/mitigation, implement changes, and review systems to identify potential security weaknesses.
- Prepare documentation including Plan of Action Milestones (POA M), Systems Security Plans (SSP), Risk Assessment Reports (RAR), A A packages, System Requirements Traceability Matrices (SRTM), Annual Security Reviews (ASR), and Security Assessment Reports (SAR).
Required:
- Bachelor's Degree in computer science, cyber security, information systems, or other related technical discipline.
- Six (6) or more years of experience in IT security, including RMF methodology and A A.
- Active DoD Cyber Workforce IAT Level II certification as a minimum, with specific course completion or renewal certificate.
- Exceptional understanding of DOD cybersecurity policies, RMF steps and structure, A A process, and gaining system authorization to operate (ATO).
- Some background with Red Hat Enterprise Linux (RHEL) operating system.
- Ability to operate and execute DISA tools, STIG Viewer, eMASSter, and strong familiarity with eMASS and Xacta functionality.
- Strong communication skills with all levels of the IT workforce and can translate complex technical topics for senior decision-makers. Prepare/deliver presentations to leadership.
Desired:
- CISSP, CISA, SSCP, CASP, GSEC, and/or CEH.
Clearance:Active TS clearance with access to SCI as reported in DISS (must have current Tier-5)Location:Work is located 100% on government site in Suitland, MDEqual Opportunity Employer: Disability/VeteranAdditional InformationAfter several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your careerit's time to join Team Tyto!