|Title:||Information Systems Security Officer|
|Location:||Patuxent River, MD|
|Company:||Seneca Global Services, LLC|
Seneca Global Services is part of the Seneca Nation Group (SNG) family of companies, which is focused on providing innovative solutions and exceptional services to the federal government. The SNG companies are Tribally owned Native American businesses that leverage the SBA 8(a) Business Development Program, HUBZone certifications and other small business contracting advantages to deliver positive results for our federal government customers.
The Seneca Nation Group companies offer competitive compensation and a strong benefits package including comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family. We pride ourselves on our collaborative work environment and culture which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation.
Seneca Global Services is seeking an Information Systems Security Officer (ISSO) to join a technical team that enables our employees to make a difference in supporting our DOD customer and their mission. The ISSO will provide a full range of IT products, services, and solutions and customer services with the goal of protecting the customer’s IT infrastructure at NAVAIR Patuxent River, MD.
Roles and Responsibilities include but are not limited to:
- Establish and implement security procedures and practices in support of Customer goals and current DoD regulations.
- Using knowledge of the Information System (IS) and understanding of established Information Assurance (IA) and Cybersecurity requirements validate security policies and procedures outlined in the System Security Plan (SSP), customer policies & regulations, and ensure local policies are followed.
- Initiate the authorization or re-authorization efforts and process for new or expiring systems and coordinate, schedule, and attend required meetings
- Provide security engineering review of proposed changes or additions to the IS (including hardware, software, or connectivity), and advise the Information System Security Manager (ISSM) of the security relevance.
- Provide systems security or privacy engineer support by conducting systems security or privacy engineering activities as part of the Software Development Life Cycle (SDLC), to include capturing and refining safety and privacy requirements for systems and ensuring that the conditions are effectively integrated into systems and system elements through security or privacy architecting, design, development, and configuration.
- Conduct system assessments, identify/implement modifications to bring systems into compliance, recommend security risk mitigation solutions, assist with preparing packages for validation, and support generation of required system documentation.
- Support the production, fielding, operations, and support phases for new systems and legacy systems – to include services such as pre-test preparations, participation in test events, analysis of results, and development of recommendations.
- Review security controls, security technical implementation guides (STIGs)
- Support vulnerability scans engineering change proposals in conducting their reviews
- Manage the Plans of Action and Milestones (POA&Ms)
- Assist in conducting vulnerability assessments of systems.
- Assist in the administration and monitoring of implementation of the Risk Management Framework (RMF) steps and activities throughout system lifecycle to ensure appropriate compliance.
- Plan and carry out assignments to ensure the program retains its Authorization to Operate (ATO) Collaborate with the Information System Security Manager (ISSM) and Information System Security Engineer (ISSE) to determine Cybersecurity requirements
- Analyze risk assessments and identify impact of potential vulnerabilities Independently develop procedures to generate and maintain required RMF documentation, such as the System Security Plan, Plan of Action & Milestones (POA&M), Continuous Monitoring Strategy and Security Assessment Plan
- Independently develop guidance and assist subordinates through all phases of the RMF workflows within the Enterprise Mission Assurance Support Service (EMASS).
- Communicate closely with internal and external stakeholders.
- Collaborate with the Cybersecurity team to ensure timely certification testing of program security findings and residual risks. Maintain organization chain of command to brief on program status.
- Active DOD TS/SCI
- Demonstrates abilities and success with identifying and addressing client needs, actively participating in client discussions and meetings; communicating a broad range of firm services; preparing concise, accurate documents
- Demonstrated ability to excel both independently and as a team member in a lively, collaborative environment
- DoD 8570 IAM/IAT Level III certification (CISSP or CISM required) before start.
- BS and 5+ years of prior experience, other experience may be considered instead of a degree.
- 5+ years of demonstrated aggregate experience involved in detailed design, installation, and configuration of IT systems and networks per the Department of Defense (DoD) Cybersecurity policies and DISA STIGs, to include the configuration and use of security products.
- 2+ years of demonstrated aggregate experience performing IT application, system, and Network project reviews and providing technical and policy DoD cybersecurity guidance.
Diversity, Equity & Inclusion Statement:
The Seneca Nation Group (SNG) family of companies is committed to building an inclusive work environment that encourages, supports, and celebrates the diversity of our employees. We recognize that an inclusive corporate culture improves how we support our customers and also improves the collective impact we can make in our communities.
Equal Opportunity Statement:
Seneca Nation Group (SNG) provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.
Covid-19 Workplace Safety Policy
SNG has implemented a COVID-19 Workplace Safety policy to comply with recently implemented U.S. government requirements. Our COVID-19 Workplace Safety policy requires all employees to be fully vaccinated or receive an accommodation under the policy by the deadline defined in the requirements. Consistent with available guidance, SNG recognizes accommodations to the COVID vaccine requirements for sincerely held religious beliefs or medical reasons, including because the individual is pregnant or attempting to become pregnant. All accommodation requests must be submitted to the SNG Human Resources department. SNG will continue to monitor the guidance and update this policy as appropriate
Alternatively, you can apply to this job using your profile on one of the following sites: