Senior Information Systems Security Officer
Telophase Corporation is seeking a motivated, career- and customer-oriented senior Information Systems Security Officer (ISSO) to join our team.
The ISSO shall ensure the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) in preparation for NIST RMF and 800-53-based independent security assessments, and provide strong leadership in the development of a cyber security validation program for mission systems.
Responsibilities:
- Support adoption and implementation of NIST-based standards across the organization in support of multiple mission system authorization boundaries including Cloud-based workloads.
- Support all steps of NIST RMF with a strong background in NIST SP 800-53 Revision 5 and 800-53A.
- Participate in the selection of the organization's common security controls and in determining their suitability for use in the information system.
- Review the 800-53 security and privacy controls regarding their adequacy in protecting the planned or operational information system.
- Prepare and review documentation including System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization (A&A) packages, and support system authorization activities.
- Implement and enforce organizational information systems security policies, standards, and methodologies.
- Evaluate security solutions to ensure they meet security requirements for processing unclassified/classified information; perform vulnerability/risk assessment analysis to support certification and accreditation. Red Team operations background such as penetration testing is a bonus.
- Manage changes to the information system and assess the security impact of those changes.
Required Skills & Experience:
- Education: Bachelor's degree or higher in computer science or a technical discipline preferred, or equivalent work experience.
- 8+ years of experience as an ISSO/ISSM, including experience implementing and enforcing security policies, standards, and methodologies; creating security plans, policies & procedures, SSPs, and Risk Assessment Reports.
- Technical Skills: FISMA, FedRAMP, NIST RMF, NIST 800-53 Revision 5 controls, and Security Control Assessment (SCA) processes. Good understanding of Windows and Linux OS and architecture.
- Knowledge of public cloud providers such as Azure, AWS, and GCP is highly desirable.
- Experience with applications for AWS, Azure, GCP, or other cloud platforms for large-scale, multi-tenant, SaaS systems is highly desirable.
- Experience with security assessments and service offerings of AWS/Azure/GCP preferred.
- Certifications in cloud providers (AWS, Azure, GCP) are highly desirable.
- Cloud Security experience (IaaS and PaaS) preferred.
- Hands-on experience with cloud services (AWS, Azure, GCP) preferred.
- Experience in PaaS, SaaS, CI/CD, Docker, Jenkins, Puppet, Chef, Ansible, Kubernetes preferred.
- Strong understanding of cloud architecture in AWS/Azure/GCP.
- Experience developing applications for cloud platforms for large-scale, multi-tenant SaaS systems is a bonus.
- Must have or be able to attain Public Trust or higher clearance.
Desired Skills & Experience:
- Cybersecurity certifications such as CISSP, CISA, CISM, CEH, GCIH, GCIA, GCFA, GCFE, CDMP, OSCP, OSCE, CDP-DG, or similar.
Work Type:
- Onsite location with some hybrid telework options.
As an Equal Opportunity Employer, Telophase is committed to providing opportunities for all without regard to race, color, religion, sex, national origin, age, citizenship, marital status, sexual preference, parental status, or disability.