RIT Solutions, Inc.
Information System Security Officer
RIT Solutions, Inc., Atlanta, Georgia, United States, 30383
Role: Information System Security Officer
Location: 100% on site in DC (Georgetown mostly, may travel to some client sites in DC when needed)
Screening Questions: The only screening question is whether the candidate is willing to relocate to DC and willing to travel up to 25% of the time. Let's focus on local candidates in the DC area and make sure they are willing to travel if/when needed. The travel would only be a few times a year.
The Role
We're seeking dedicated and motivated individuals with Systems Administration, Software Development, or Systems Engineering backgrounds to join our team as an FSR Information System Security Officer (ISSO) to support solution accreditation for government agencies. You will collaborate with other engineers to ensure security policies and settings are in place, build standardized security documentation, and generate evidence of compliance once settings have been applied.
There is no typical day for our FSR ISSOs. We operate software in diverse environments around the world, including AWS, Azure, on-premises, and at all classification levels. Correspondingly, each customer has different security requirements. We will rely on you to ensure the ongoing security and trust of these clients via hands-on access and coordination with other teams.
Core Responsibilities
- Achieve Client for client's software across multiple government customers with minimal oversight.
- Conduct and manage continuous monitoring activities of assigned systems.
- Partner with engineers to analyze software, interpret security requirements, and plan effective control implementations.
- Provide outstanding customer service, policy expertise, and high-quality documentation.
- Serve as the primary in-person point of contact for one or more Government customers on cybersecurity and compliance requirements and questions.
- Independently interpret the findings of vulnerability scanning utilities such as ACAS (Tenable Nessus) and SCAP (STIG benchmark) and manage a Plan of Actions and Milestones (POA&M) for remediation of findings.
What We Value
- Ability to create clear and concise technical documentation, stay organized, and utilize strong attention to detail
- Ability to analyze software implementation and compare with existing security requirements
- Understanding of configuration management and automation systems such as Puppet, Terraform, CloudFormation, Chef, or Ansible
- Comfort using a Version Control System such as Git
- Familiarity with and ability to independently use vulnerability scanning utilities such as Nessus and OpenSCAP
- Specific experience working in cloud and on-premises environments such as Amazon Web Services (AWS)
- Experience accrediting IT systems against Government standards including NIST SP 800-53, CNSSI 1253, and the DISA STIGs, using frameworks like DOD RMF, ICD 503, or DIACAP
Requirements
- Background in systems administration, software development, systems engineering, or deep familiarity with Linux operating systems
- Specific experience using the eMASS or Xacta accreditation management software systems
- Active DOD 8570 Certification (e.g. CISSP or Security+), or ability to obtain within one month of start date
- Be at client's Washington, DC office or customer site in the DC Metropolitan area 5 days per week, and be willing to travel domestically and internationally 25% of the time if needed
- Active IAT II certification