ISSO with Security Clearance
Noetic Strategies, Inc. · Gaithersburg, MD · 1 mo ago
Information Technology$90k/yrFull-time
Main Responsibilities
- Conduct security and risk assessments utilizing NIST RMF, ICD 503, DoD, Common Criteria, and other applicable cybersecurity frameworks.
- Develop and implement risk mitigation strategies that support mission objectives, security compliance requirements, and operational effectiveness.
- Maintain and update System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), Security Impact Assessments, CONOPS documentation, and Information Technology Disaster Recovery (ITDR) plans.
- Manage Assessment and Authorization (A&A) activities and coordinate accreditation efforts with Designated Authorizing Officials (DAOs) and government stakeholders.
- Maintain accreditation artifacts and security records within ServiceNow, XACTA 360, and other enterprise security management platforms.
- Drive security changes and accreditation milestones through review boards, governance processes, and security working groups.
- Perform security audits, compliance assessments, and control reviews to validate security posture and regulatory compliance.
- Support vulnerability management activities, including scanning, assessment, reporting, mitigation tracking, and remediation verification using ACAS and Nessus.
- Coordinate with system administrators, engineers, and technical teams to remediate vulnerabilities and manage POA&M activities.
- Track, document, and report security findings, risks, vulnerabilities, and remediation status to leadership and stakeholders.
- Evaluate security architectures, defense-in-depth strategies, and Zero Trust implementations against emerging threats and known vulnerabilities.
- Provide guidance on secure software development, hardware implementation, government security requirements, and industry best practices.
- Support patch management activities and respond to cybersecurity directives, notices, and operational taskings.
- Manage security profiles, access controls, user provisioning, and identification, authentication, and authorization mechanisms.
- Maintain records associated with system configurations, upgrades, patches, and connectivity requirements.
- Evaluate and recommend security solutions, implementation strategies, and improvements to enhance the security posture of systems and services.
- Provide security awareness guidance and support user access approval processes.
- Communicate cybersecurity risks, compliance status, and security recommendations to technical teams, management, and customer stakeholders.
PREFERRED QUALIFICATIONS
- NGA experience.
- Intelligence Community experience.
- 3+ years of experience analyzing and remediating vulnerability scan results using Nessus, Tenable Security Center, ACAS, or similar enterprise vulnerability management tools.
- Active Certified Information Systems Security Professional (CISSP) certification.
- Active Certified Information Security Manager (CISM) certification.
- Experience supporting classified environments across Unclassified, Secret, and Top Secret domains.
- Experience implementing Zero Trust architectures and defense-in-depth security strategies.
- Familiarity with NGA, DoD, DISA, NIST, and Intelligence Community cybersecurity policies and standards.
Benefits
Noetic Strategies offers a competitive salary, comprehensive benefits package, and a collaborative work environment that promotes professional growth and technical excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Noetic Strategies is an Equal Opportunity Employer and considers all qualified applicants without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, or gender identity.