Ensures that security policies, procedures, and directives of the National Industrial Security Program Operating Manual NISPOM DCID 6 3 and JAFAN 6 3 manuals are followed. Maintains the oversight and compliance of existing information systems through technical reviews and system auditing. Interfaces with program management and customers on security requirements implementation, required documentation, and classification management. Provides information systems security guidance awareness and trai... more details
Information Systems Security Officer / Auditor
Job LocationsUS-DC-Washington
Requisition ID
2024-146107
Position Category
Cyber Security
Clearance
Secret
Sector
Citizen Security & Public Services
Responsibilities
Ensures that security policies, procedures, and directives of the National Industrial Security Program Operating Manual NISPOM DCID 6 3 and JAFAN 6 3 manuals are followed. Maintains the oversight and compliance of existing information systems through technical reviews and system auditing. Interfaces with program management and customers on security requirements implementation, required documentation, and classification management. Provides information systems security guidance awareness and training and participates in customer security inspections and reviews. Manages, develops, prepares, implements, and maintains security plans, standard operating procedures (SOPs), security tests, and evaluation plans. Collaborates with internal security and IT staff to ensure the continued compliance and secure operation of accredited information systems. Keeps abreast of industry best practices and trends, as well as new technologies, and then plans and advises for implementation.
Key Responsibilities:
Conduct monitoring, inspection, investigation, and audits to safeguard against threats and hazards to the integrity, availability and confidentiality of USAID data or information systems.
Perform custom and predetermined audits and monitor usage trends to prevent unauthorized usage, suspected fraudulent usage, or excessive usage.
Assist in the resolution of POA&Ms as measured by cyber hygiene, cyberscope, CDM program, SA&A, Penetration Testing and various audits to meet OMB/GAO/DHS compliance.
Support OIG, FISMA, and other audits such as M/CFO Federal Managers Financial Integrity Act (FMFIA), Government Management Reform Act (GMRA), and Department of Homeland Security (DHS) Audits.
Develop and grow existing and new team members to foster collaboration, career development, and a culture of ownership and accountability.
Conduct security audits on USAID tools (such as Firewall rules).
Conduct monthly audits consistent with SLAs.
Collaborate with the government to conduct compliance reviews for audits and forensic analysis.
Provide monthly audits as outlined in the SLAs.
Provide ISSO support for USAID Business Service systems across all SDLC stages following NIST 800-37 RMF guidelines.
Perform or support activities defined in the NIST RMF to obtain and maintain FISMA compliance; work with the Inspector General (IG) auditing team in support of FISMA audit and RMF assessment teams in support of the SA&A process.
Identify continuous monitoring capabilities, security controls and/or documents that have not yet been developed or do not meet the specified (specification) security requirement, and work toward maturing these objectives within a timeframe agreed to with the SO and the CISO.
Participate in Disaster Recovery testing per Contingency Plans maintained by ISSO and in the annual COOP exercise as required.
Ensure that individual system auditing support enterprise cyber security monitoring and vulnerability solutions with a common operational picture.
*Contingent on Contract Award*
Qualifications
Basic Qualification:
U.S. Citizen
An active SECRET or the ability to obtain a SECRET Clearance.
Bachelor’s degree with 5 – 7 years, master’s degree with 3 - 5 years, or PhD with 0 – 2 years; four (4) years of experience can be substituted in lieu of a bachelor’s degree.
Must hold a Certified Information Systems Security Professional (CISSP) certification.
Experience with effective policy, instruction, and development for Federal or DoD Information Security Programs.
Experience performing Security Control Assessments in accordance with NIST 800 guide series.
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.
Target Salary Range
$66,000 - $106,000. This represents the typical salary range for this position based on experience and other factors.
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
We would like to take a second to Welcome You to Job Abstracts, the nation’s largest Pure Job Board. With over 3.1 million job listings from 15,000+ Companies & Organizations, we help job searchers find careers that match their interests. As an anonymous user, you have probably discovered how easy our system is to use. However, you have just scratched the surface of what we can offer.
We encourage you to Register so you can use our most powerful features: searching with multiple terms, setting up multiple locations, establishing favorite companies, and accessing your search history. If you find a job you like, you can apply directly for it, and then, keep notes on it. We will also keep a lookout for jobs that match your search terms and email you when we find something you may like.
You can register for free and the system is free to use. If you like our system so far, click on Register and unlock the power required by serious job searchers.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.