Tdisecurity
Information Systems Security Office (Cloud)
Tdisecurity, Ashburn, Virginia, United States, 22011
RESPONSIBILITIES
Provide cybersecurity oversight for major CBP applications and general support systems.
Apply ISSO expertise across hybrid enterprise environments, including cloud-native platforms (AWS, Azure, Google Cloud Platform), containerized workloads, and virtualized infrastructure.
Integrate AI/ML-driven security tools (threat detection, anomaly detection, behavioral analytics, predictive risk modeling) into security operations and compliance frameworks.
Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment, E-Authentication Determination, Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), Risk Assessment Plan, System Security Plan (SSP), Configuration Management Plan, Contingency Plan, Contingency Plan Test and Test Results, Section 508 Plan, Plan of Action & Milestones (POA&M), Policy waiver and Risk Acceptance request.
Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures (NIST SP 800-37 Rev. 2; Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy; DHS 4300A Policy and Handbook; CBP Information Systems Security Policies and Procedures Handbook; and internal CBP security policies).
Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool to implement and manage the NIST RMF.
Complete activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform actions to maintain system authorization under OA once admitted.
Assist the Government with reporting and management of system-level security violations and incidents.
Assist the Government with technical security evaluation of threats and vulnerabilities involving new/enhanced technology.
Assist the Government with oversight of vulnerability scanning processes and procedures and security patch management/flaw remediation processes.
Assist with development of cyber security SOPs, playbooks, work instructions, and other procedures to mature cyber security capabilities, including considerations for cloud security architectures and AI-enabled systems.
Ensure cloud-based systems and AI applications align with Zero Trust principles and CBP policy.
Lead technical security evaluations of threats, vulnerabilities, and risks specific to cloud workloads and AI-driven technologies.
Oversee vulnerability scanning, patch management, and flaw remediation across hybrid and AI-enabled infrastructures.
Support development of cybersecurity SOPs, playbooks, and AI/automation-enhanced workflows to mature SOC capabilities.
QUALIFICATIONS
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline (Master’s preferred).
8–12 years of IT/cybersecurity experience (or 6+ years with a Master’s).
5+ years as an ISSO supporting major federal information systems/applications.
Strong systems engineering foundation with proven cloud computing expertise (AWS, Azure, GCP, or equivalent).
Hands-on experience with AI/ML tools for cybersecurity, such as anomaly detection, automated risk scoring, or AI-driven SOC platforms.
Working knowledge of auditing security controls, risk management, and compliance reporting.
Superior writing, communication, and critical analysis skills.
Deep understanding of Information Assurance, Information Management, and NIST RMF.
Must be a US Citizen.
PREFERRED QUALIFICATIONS
ISC2 CISSP
ISC2 CGRC
ISACA CISM
CompTIA CASP+
Cloud certifications (AWS Security, Azure Security Engineer Associate, Google Professional Cloud Security Engineer)
Experience designing/assessing AI governance frameworks, bias/risk mitigation, and secure AI model deployment.
Clearance: All CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.
“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”
#J-18808-Ljbffr
Provide cybersecurity oversight for major CBP applications and general support systems.
Apply ISSO expertise across hybrid enterprise environments, including cloud-native platforms (AWS, Azure, Google Cloud Platform), containerized workloads, and virtualized infrastructure.
Integrate AI/ML-driven security tools (threat detection, anomaly detection, behavioral analytics, predictive risk modeling) into security operations and compliance frameworks.
Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment, E-Authentication Determination, Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), Risk Assessment Plan, System Security Plan (SSP), Configuration Management Plan, Contingency Plan, Contingency Plan Test and Test Results, Section 508 Plan, Plan of Action & Milestones (POA&M), Policy waiver and Risk Acceptance request.
Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures (NIST SP 800-37 Rev. 2; Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy; DHS 4300A Policy and Handbook; CBP Information Systems Security Policies and Procedures Handbook; and internal CBP security policies).
Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool to implement and manage the NIST RMF.
Complete activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform actions to maintain system authorization under OA once admitted.
Assist the Government with reporting and management of system-level security violations and incidents.
Assist the Government with technical security evaluation of threats and vulnerabilities involving new/enhanced technology.
Assist the Government with oversight of vulnerability scanning processes and procedures and security patch management/flaw remediation processes.
Assist with development of cyber security SOPs, playbooks, work instructions, and other procedures to mature cyber security capabilities, including considerations for cloud security architectures and AI-enabled systems.
Ensure cloud-based systems and AI applications align with Zero Trust principles and CBP policy.
Lead technical security evaluations of threats, vulnerabilities, and risks specific to cloud workloads and AI-driven technologies.
Oversee vulnerability scanning, patch management, and flaw remediation across hybrid and AI-enabled infrastructures.
Support development of cybersecurity SOPs, playbooks, and AI/automation-enhanced workflows to mature SOC capabilities.
QUALIFICATIONS
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline (Master’s preferred).
8–12 years of IT/cybersecurity experience (or 6+ years with a Master’s).
5+ years as an ISSO supporting major federal information systems/applications.
Strong systems engineering foundation with proven cloud computing expertise (AWS, Azure, GCP, or equivalent).
Hands-on experience with AI/ML tools for cybersecurity, such as anomaly detection, automated risk scoring, or AI-driven SOC platforms.
Working knowledge of auditing security controls, risk management, and compliance reporting.
Superior writing, communication, and critical analysis skills.
Deep understanding of Information Assurance, Information Management, and NIST RMF.
Must be a US Citizen.
PREFERRED QUALIFICATIONS
ISC2 CISSP
ISC2 CGRC
ISACA CISM
CompTIA CASP+
Cloud certifications (AWS Security, Azure Security Engineer Associate, Google Professional Cloud Security Engineer)
Experience designing/assessing AI governance frameworks, bias/risk mitigation, and secure AI model deployment.
Clearance: All CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program
TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.
“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”
#J-18808-Ljbffr