Career Opportunities

MID-LEVEL INFORMATION SYSTEM SECURITY OFFICER (ISSO)--Suitland, MD

Active DoD Top Secret Clearance required

Netizen Corporation is seeking an ISSO, to be located in Suitland, MD.  The ISSO will perform automated security scans (weekly or as required by regulation), using automated tools such as Assured Compliance Assessment Solution (ACAS), Center for Internet Security (CIS) Benchmark, Security Content Automation Protocol (SCAP), and Retina. 

PRIMARY RESPONSIBILITIES

•   Analyze scan results and document findings for products as required to successfully complete Collateral and SCI-level security certification testing and evaluation (ST&E) as appropriate for the product. 

•   Scan results and findings are to be documented according to NAVINTEL IA and ICD 503 Risk Management Framework (RMF) processes.

•   Perform ISSO responsibilities per SECNAV M-5239.2, which includes acting as a point of contact for matters of cyber security relating to assigned systems, reviewing audit trail logs and scans, ensuring systems are maintained per security policies and procedures, and maintaining compliance and reporting weekly findings to Vulnerability Remediation Asset Management (VRAM).

•   Conduct research and testing to ensure existing and evolving products/services meet requirements.

•   Document results of security requirements analysis, evaluations, alternatives and risk assessments.

•   Document and execute a plan for each system.

EXPERIENCE

•   Minimum  5-8 years of experience supporting cybersecurity and ISSO processes.

CERTIFICATION

•   IAM Level II (CAP, CASP+ CE, CISM, CISSP (or associate) or GSLC certification) required.

CLEARANCE

•   DoD Top Secret/SCI clearance required.

Information Systems Security Officer (Cybersecurity Engineer) - ACTIVE DOD SECRET CLEARANCE REQUIRED

Netizen Corporation is seeking an Information Systems Security Officer in the Orlando, FL area. This person will apply technical and functional expertise to perform on-site risk assessments and security engineering/advisory for DoD networks, information systems, and applications using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The ISSO (Engineer) will work as a member of a Team providing technical support to protect the DoD’s networks and information systems.

Primary Responsibilities:

· Serve as an Assessment and Authorization (A&A) and Security Engineering (SE) Subject Matter Expert (SME) with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.

· Function as an Information Systems Security Officer (ISSO) advising federal and DoD clients on security protocols and compliance measures for a variety of systems.

· Assist with RMF assessments, including coordination, preparation, execution, and concluding documentation.

· Utilize DoD Information Assurance (IA) scanning tools and techniques (i.e., Nessus, SCAP, STIG Checker, etc.).

· Demonstrate knowledge of network devices and interconnections (i.e., routers, switches, IDS/IPS, firewalls, DNS).

· Demonstrate technical experience in identifying and mitigating and/or remediating vulnerabilities or misconfigurations.

· Perform system administration functions on various operating systems, including Linux, Unix, and networking devices.

· Communicate complex technical and programmatic information to a wide audience, often in the form of verbal and visual updates, technical reports, and/or briefings. Documentation, presentation, and public speaking skills are required.

· Apply understanding of cyber security concepts, practices, and tools to administer classified and unclassified DoD networks and information systems.

· Maintain on-going awareness of emerging cybersecurity threats and trends.

· Develop and maintain the necessary technical documentation and standard operating procedures (SOPs).

Experience:

· At least 7 years of specialized DoD IT/cybersecurity experience.

· At least 4 years of experience conducting NIST RMF assessments and security engineering support.

· Functional knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4, and associated controls.

· Knowledge of emerging cybersecurity threats and trends, including an ability to describe highly publicized cyber intrusions within the last year.

· Familiarity with networking, systems administration, and systems engineering practices and technologies.

· Familiarity with Electronic Mission Assurance Support Service (eMASS).

Education Requirements:

· Minimum of an Undergraduate Degree in Computer Science, Computer Engineering, or related engineering-focused discipline is highly preferred.

Certification Requirements:

· I AM Level III  (CISSP certification)

Security Clearance:

· U.S. Citizenship is required.

· Must possess an ACTIVE DoD Secret security clearance. All reported clearances will be validated prior to making an offer of employment.

· Secret Clearance REQUIRED

Netizen Corporation is currently seeking a Navy Qualified Validator (NQV) to support NIWC.

This position is located in Norfolk, VA.

Responsibilities

•   Performs security validations of DoN network, system and application C&A/A&A documentation and supports the completion of RMF requirements, implementation of technical solutions to complex discipline-specific problems.
•   Works with the program office to apply cybersecurity laws, policies, and directives to Navy programs and systems.
•   Provides technical information assurance and cybersecurity analysis support to the Program Office.
•   Ensures POA&M development, tracking, and resolution.
•   Maintains and tracks package security plans. Security plan must provide an overview of the security requirements for the system and describe the security controls in place or planned for meeting those requirements.
•   Provides consultation and review to the Program Office for system registration in eMASS and DITPR-DON.
•   Reviews and updates program documentation, participates in meetings and conferences.
•   Analyzes security architecture down to component level and works with the engineering team to ensure system security requirements are addressed during development.
•   Provides Mitigation and Remediation in support of the C&A/A&A process remotely and/or on-site including reports as required.
•   Works with system owners to develop specific site and system mitigation plans to achieve an overall reduction in residual risk.

Basic Qualifications

Minimum education and experience:

•   Bachelor's degree in related field.
•   Five (5) years of experience in an IT-related field.

Certification:

•   Navy Qualified Validator (NQV) Level II or III certification.
•   Must have IAT Level II certification (Security + CE or higher) 

Minimum qualification:

•   Working knowledge of eMASS, VRAM and ACAS
•   Active secret clearance