(603) Information System Security Officer (ISSO) III
About this role
Company Summary
Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.Â
Position Description: The Information System Security Officer (ISSO) III will support Naval Surface Warfare Center Philadelphia Division (NSWCPD) as a contractor through Arlo Solutions, serving as a key cybersecurity professional for NSWCPD Code 104. This key personnel position is responsible for coordinating cybersecurity processes and activities for assigned systems, ensuring compliance with all applicable policies, and managing security controls implementation throughout the Risk Management Framework (RMF) lifecycle.
Location:Â Â Philadelphia, PA
Clearance:Â Active Secret
Responsibilities and/or Success Factors:
Cybersecurity Compliance and Policy Implementation
- Â Assist the Information System Security Managers (ISSM) in executing their duties and responsibilities
- Ensure compliance with all NAVSEA, DON, and DoD cybersecurity policiesÂ
- Ensure relevant cybersecurity policy and procedural documentation is current and accessibleÂ
- Coordinate cybersecurity processes and activities for assigned systemsÂ
- Report changes in system security posture to the ISSM Security Assessment and Authorization (A&A) ManagementÂ
- Maintain and report Assess Only (AO) and Assessment and Authorization (A&A) status to Program Managers, Information System Owners, and ISSMs
- Provide oversight of Security Plans for assigned systems throughout their lifecycleÂ
- Manage and maintain Plan of Actions and Milestones (POA&M), tracking vulnerabilities through remediationÂ
- Assist with identification of security control baselines and applicable overlaysÂ
- Coordinate the validation of security controls with Navy Qualified Validators (NQV)Â
- Perform Risk Management Framework (RMF) Standard Operating Procedure (SOP) reviewsÂ
- Adjudicate findings from Package Submitting Officer (PSO) System Security Management
- Register and maintain systems in Enterprise Mission Assurance Support Service (eMASS)Â
- Plan and coordinate security control testing during Risk Assessments and Annual Security ReviewsÂ
- Maintain vulnerability data in Vulnerability Remediation Asset Manager (VRAM)Â
- Participate in change control and configuration management processesÂ
- Ensure execution of Continuous Monitoring requirements as defined in system strategiesÂ
- Review all data produced by Continuous Monitoring activities and update eMASS records as necessaryÂ
- Correlate findings from non-RMF vulnerability assessments to RMF controls for holistic risk assessment Cybersecurity Analysis and ReportingÂ
- Perform analysis of logs, events, and reporting from various data collection toolsÂ
- Assess impacts from observed risks and report via the Cybersecurity Program chain of commandÂ
- Present data to management in a comprehensive and cohesive mannerÂ
- Develop reports and produce procedural documentation as requiredÂ
- Evaluate system administrator, security engineer, and/or system owner proposed corrections
Minimum Qualifications Including Certificates:
- Must be a U.S. CitizenÂ
- Active Secret security clearanceÂ
- Bachelor's degree in computer science, information technology, communications systems management, or equivalent STEM degree from an accredited college or universityÂ
- Minimum 6 years of experience coordinating and implementing security changes, ensuring compliance with published policies, conducting cybersecurity vulnerability and threat analysis, and supporting cyber incident responseÂ
- Current IAM-II certification (CAP, CASP+ CE, CISM, CISSP, GSLC, CCISO, or HCISPP)
Desired Qualifications:Â
- Experience with the DoD Information Assessment and Authorization (A&A) processÂ
- Familiarity with Risk Management Framework (RMF) implementationÂ
- Proficiency with eMASS, VRAM, and other DoD cybersecurity systemsÂ
- Experience with NIST Special Publications and DoD/Navy cybersecurity directivesÂ
- Experience with vulnerability management tools (ACAS, HBSS, etc.)Â
- Knowledge of Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
AAP Statement
We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.
Â
Frequently Asked Questions
Is the salary disclosed for the (603) Information System Security Officer (ISSO) III position at arlosolutionsllc?
Where is the (603) Information System Security Officer (ISSO) III position at arlosolutionsllc located?
Which team or department does the (603) Information System Security Officer (ISSO) III at arlosolutionsllc belong to?
How do I apply for the (603) Information System Security Officer (ISSO) III position at arlosolutionsllc?
When was the (603) Information System Security Officer (ISSO) III job at arlosolutionsllc posted?
You'll be redirected to arlosolutionsllc's official application page on Greenhouse.