Tista Science and Technology Corporation

Information System Security Officer (ISSO)

Job ID 2024-5184
Job Locations US-Remote-United States

Overview

Exciting Future Job Opportunities at TISTA: Information System Security Officer (ISSO)

 

NOTE: We are not currently hiring for this position but will be soon. In anticipation of us hiring for this role, feel free to apply and we will keep your resume in our database.

 

At TISTA, we are dedicated to pushing the boundaries of technology to develop innovative solutions. Our team is comprised of passionate, talented professionals who are committed to making a meaningful impact.

 

Not sure which header is more fitting! Open to anything you suggest.

Why you’ll love working at TISTA:

  • Comprehensive Benefits: Paid Life Insurance, Short-term & Long-term Disability, 401K Match, health, dental, vision, an Employee Assistance Program, Military Leave, and more!
  • Flexible Work Arrangements: Remote Working Options
  • Professional Growth: Tuition Reimbursement Training/Certification opportunities
  • Inclusive Culture: Thrive in a vibrant, inclusive company culture that values collaboration, diversity, and work-life balance.

Stay Connected:

Follow us on LinkedIn for updates on this job and other exciting opportunities.

Responsibilities

  • The person filling this role will work as part of a team of IT Security professionals who support the security compliance and cloud initiatives of the agency
  • Conduct security assessment and authorization activities and tasks and obtain an Authorization to Operate (ATO) in line with NIST and client guidance and directives 
  • Determine the baseline IT Security requirements for IT Systems, diagram system authorization boundaries, determine system categorization based on FIPS-199 
  • Manage IT system vulnerabilities
  • Conduct technical evaluation and system design review to assess the effectiveness of existing controls and provide meaningful recommendations 
  • Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes, and propose and take corrective action as appropriate 
  • Assist in Federal Information Processing Standard (FIPS) categorization of applications/systems 
  • Participate in risk assessments, vulnerability scans and penetration testing of new and existing systems to identify, investigate and document security weaknesses 
  • Document and implement security controls using NIST standards
  • Review and generate authorization and assessment system documentation as needed: System Security Plans (SSP), Configuration Management Plans (CMP), Security Assessment Reports (SARs), Privacy Threshold Assessments (PTA), Privacy Impact Analysis (PIA), Disaster Recovery Plans (DRP), Information System Contingency Plans (ISCP), Incident Response Plans (IRP), Risk Assessment Reports (RARs), Standard Operating Procedures (SOPs) and Plans of Action and Milestones (POA&MS)
  • Create and maintain project content in the Governance, Risk, and Compliance (GRC) tool per client’s guidance
  • Identify and report detailed Plan of Action and Milestone (POA&Ms); manage and monitor for corrective actions 
  • Review and analyze system scan reports
  • Provide guidance on security requirements for systems hosted in cloud (including FedRAMP) versus on-premise 
  • Research and stay up-to-date on industry standards and any new vulnerabilities and risks 
  • Assess systems to analyze risk and report weaknesses findings 
  • Work with developers and DBAs in addressing findings 
  • Assess and review current technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks 
  • Participate in and support internal and external compliance initiatives including audit requests, tabletop exercises, security training, and other tasks associated with improving the company’s security posture 

Qualifications

  • 5+ years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field 
  • Recognized IT security and cloud certifications
  • Fundamental understanding of cloud security
  • Demonstrates a proficiency with developing, maintaining and managing security authorization and assessment packages 
  • Experience with developing, managing and mitigating POA&Ms 
  • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities 
  • Technical experience with reviewing vulnerability scans and providing mitigation recommendations
  • Possess experience in participating in Security Control Assessments (SCA)
  • Experience writing security related documentation, policies and procedures
  • Experience with NIST Special Publications and guidance 
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment 
  • Experience with maintaining security packages in a Governance, Risk, and Compliance tool 
  • Strong written and oral communication skills

  

Education: 

  • Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields
  • 5+ years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field 
  • 10 years of additional relevant experience may be substituted for education 
  • Required Certifications: 
    • Certified Cloud Security Professional (CCSP)
    • MS AZ-900 (Microsoft Azure Fundamentals)
  • Desired Certifications: 
    • Certified Information Systems Security Professional (CISSP)
    • Certified Authorization Professional (CAP)

Location: 

  • Remote

Clearance: 

  • Public Trust 

Salary Inforamtion: 

  • The pay for this position ranges from $110,000 to $125,000.
  • The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location.
  • Also, certain positions are eligible for additional forms of compensation, such as bonuses.
  • TISTA associates are eligible to participate in our comprehensive benefits plan! More information can be found here: https://tistatech.com/working-at-tista/

 

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed