Information System Security Officer in Herndon, VA at Booz Allen Hamilton Inc.

Date Posted: 10/19/2018

Job Description

Job Number: R0039429

Information System Security Officer

Key Role:

Serve as the information systems security officer (ISSO) for a multi-tenant, Cloud-based platform. Prepare and review documentation, including system security plans (SSPs), risk assessment reports, certification and accreditation (C&A) packages, and plans of action and milestones (POA&M). Prepare SSPs in accordance with the applicable governing directive for systems and ensure all networks are maintained in accordance with their SSPs. Review and validate security documentation to ensure necessary security controls are in place and operating as intended. Review and maintain vulnerability scanning tool compliance and reporting to ensure compliance with all applicable directives. Stay informed of any changes to security policies and the security landscape, and ensure that any training or other activities are undertaken to maintain security posture and compliance. Update documentation and specifications of compliance requirements and control inheritance across system products and components.

Basic Qualifications:

- 3+ years of experience as an ISSO or information systems security engineer (ISSE) in authorization to operate (ATO) and Federal Risk and Authorization Management Program (FedRAMP) package development

- Experience with FISMA-related activities, including system security plans, contingency plans, incident response plans, configuration management plans, security control requirements and assessments, POA&M, or training requirements

- Experience in providing operational security guidance and IS validation using the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and local security policies for application infrastructure

- Knowledge of Cloud-based infrastructure and DevSecOps principles and practices

- Public Trust clearance

- BA or BS degree

Additional Qualifications:

- Experience with ATO package development and control inheritance on FedRAMP Approved Cloud Service Providers, with AWS preferred

- Experience with architecting or providing security guidance on Cloud-based multi-tenant platforms and PaaS and IaaS environments

- Experience with Linux, including RHEL

- Knowledge of security controls and monitoring in container-based environments

- Knowledge of Cloud-based networking and infrastructure preferred

- Ability to adapt and adjust risk assessments and prioritizations quickly according to changing technologies or requirements

- BA or BS degree in CS, Information Systems Management, Cybersecurity, or Information Assurance


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Public Trust clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
