DescriptionAs a Vision, Mission, and Driven company, VMD has been delivering information technology solutions to the Federal government in Agile Engineering, Cybersecurity, and Critical Infrastructure Protection since 2002. Our mission has now expanded, and we have merged with Xcelerate Solutions to revolutionize end-to-end enterprise security. Together we are committed to protecting our nation's citizens, critical infrastructure, and resources.
Why Join VMD Corp? At VMD, now a part of Xcelerate Solutions, you have the opportunity to thrive in your career and become a Game Changer. The quality and talent of our people is what drives our success. We embrace an employee-first culture and make it a priority to provide professional development opportunities that foster career growth.We help protect American Citizens and the nation's most critical infrastructure by working alongside our customers and delivering game changing solutions to strengthen their missions. We believe our passion and commitment to achieve our customers' goals and solve their most critical challenges defines who we are. We don't just dream big, we act on it - through teamwork, dedication, and resilience.Learn more about VMD culture here: VMD Culture
About the Mission You Will Join: The Transportation Security Administration (TSA) Office of Information Technology, Technology Solutions Division (TSD) is seeking Security Engineering and Security Compliance for TSA mission critical systems including Secure Flight II(SFII), Vetting and Credentialing System (VCS), Technology Infrastructure Modernization (TIM) System, and the Security Threat Assessment Mission Platform (STAMP) along with additional IT systems to support the TSA Pre•® expansion effort. All systems are used to improve the security of our nation's transportation systems by applying dynamic risk-based, intelligence-driven vetting procedures and enhancing its use of technology. Ensuring compliance with cybersecurity requirements is critical to the success of these mission systems.
Your Impact to the Mission:Do you want to help change the delivery of cybersecurity initiatives and operations in the Federal space? At VMD, we are looking for game-changers to help re-envision cybersecurity in the Federal space and leap takers to help execute on that vision. VMD's cybersecurity services and delivery leverage the following aspects:
- Utilizing fundamentals and embedding them into everyday culture
- Being agile and nimble to adjust responses as necessary
- Making decisions based on data
- Using threat intelligence to determine risk
- Removing manual dependencies from security-related processes where feasible
As a Senior Information System Security Officer (ISSO) you will be responsible to deliver security and compliance expertise leadership to support multiple IT projects, programs, and initiatives. You will be supporting the Risk Management Framework (RMF) process, identifying system vulnerabilities and performing risk analysis, developing remediation plans and POA&Ms, and supporting the organization in reducing the overall cybersecurity risk.The Senior Information System Security Officer (ISSO) will be responsible for:
- Actively participate and lead meetings to review and assess compliance of systems and technology
- Perform risk assessments based on Federal guidelines and industry best practices
- Leveraging existing government-provided security scan tools such as Tenable Security Center, Nessus, DbProtect, Venafi, RedSeal, Burp Suite Pro and others
- Assist teams in identifying vulnerabilities and providing recommendations to reduce cybersecurity risk
- Articulate and report on cybersecurity risk and compliance to executives and senior leaders
- Continually improve the cybersecurity risk assessment and POA&M process and program
- Aggregate and track cybersecurity POA&Ms and risks across projects, teams, and programs
- Monitor and triage security incidents as appropriate for specific systems
- Communicate cybersecurity best practices based on policies, standards, and controls
Experience Needed to Be Successful: - 10+ years of cybersecurity and compliance experience
- Active Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification
- Strong leadership and interpersonal skills to facilitate effective collaboration across a variety of stakeholders
- Demonstrated ability to function independently and define the proper methods & procedures
- Understanding of guiding cybersecurity principles and control guidance
- Effective writing skills to capture issues and recommendations
- Strong customer relationship building ability
Basic Qualifiers: - Education Requirement: Bachelor's degree
- Can Additional Years of Experience Substitute for Degree? No
- Required Certification(s): Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
- Minimum Years of Overall Experience: 10
- Minimum Years of Specific Experience in Field: 10
- Minimum Clearance to Start: Secret
- Work Status Allowable: US Citizen
The Type of Person That Will Excel: - You are curious, inquisitive, and have demonstrated a constant eagerness to learn through actions.
- You have high attention to detail.
- You demonstrate personal accountability and integrity in all actions.
Travel and Telecommuting:- Travel: None
- Telecommute Options: Hybrid. 1 day onsite.
VMD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. VMD maintains a drug-free workplace.