Information System Security Officer II

Goldbelt Hawk designs, develops, and implements comprehensive solutions for problem spaces, including computer security, scalable architectures, advanced analytics, artificial intelligence, and network / data center operations. Specializing in local and enterprise-level incident response and forensic analysis, Hawk's personnel deliver threat analysis and reporting while implementing solutions based on mature planning and development practices.

Goldbelt Hawk has an immediate need for a Top Secret cleared Information Systems Security Officer (ISSO) in Washington, DC. The work site is in downtown Washington, DC. Telework is available during the COVID pandemic at the discretion of the Federal Program Manager.

1. Provides ISSO support to a classified system or systems.
2. Serves as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system.
3. Supports cybersecurity engineering tasks such as developing security specifications / architecture / plans, developing, implementation / support of trusted computing bases.
4. Ensures compliance with annual Federal Information Security Management Act (FISMA) deliverables and reporting.
5. Ensures security awareness and precautionary measures are exercised to prevent the introduction and / or proliferation of malicious code or other adverse IS conditions. This includes exercise of continuity and / or disaster recovery plans, as required.
6. Promotes an environment of continuous process improvement and team collaboration.
7. Works closely with the Technical Teams to maintain the various system and applications Assessment & Authorization (A&A) status within the Risk Management Framework (RMF).
8. Researches and maintains knowledge of Information Assurance (IA) policies and practices.
9. Develops and maintains System Security Plans (SSPs) and all other system security documentation, reviewing and updating them at least annually for all assigned systems.
10. Supports risk assessment and evaluation activities throughout the site accreditation process.
11. Reviews risk assessment reports, supports analysis of the findings, and provides expert technical guidance for mitigation strategies, including implementation advice on cybersecurity risk findings and other complex problems.
12. Provides guidance, oversight, and expertise; develops and implements security documents and controls as required.
13. Coordinates and facilitates the timely completion of security-related tasks.
14. Ensures that security-related Standard Operating Procedures (SOPs) are developed and maintained.
15. Initiates, with ISSM or SO approval, protective and corrective measures when a security incident or vulnerability is discovered.
16. Ensures system security requirements are addressed during all phases of the Information System (IS) lifecycle.

1. Expertise in cybersecurity policy, procedures, and processes, including RMF and NIST 800-53 and A&A's.
2. Familiarity with information security and assurance principles and supporting technologies.
3. Excellent customer service, organizational, and writing skills.
4. Willingness to commute to client site(s) up to 5 days a week, with possible hybrid telework arrangements.

1. Bachelor’s degree in a related field; experience in lieu of a degree acceptable.
2. Minimum five (5) or more years of relevant experience.
3. Top Secret personnel clearance with eligibility for access to SCI.

1. One or more of the following certifications are preferred: Security+, CAP, CISSP, CISM, GSEC, GCIH, or GSLC.

Goldbelt offers a competitive salary based on qualifications and experience, along with comprehensive benefits including medical, dental, vision insurance, a 401(k) plan with company matching, paid time off, and professional development opportunities.