Senior Information Systems Security Officer ISSO
Cadre5 · Knoxville, TN · 4 mo ago
On-siteInformation TechnologyFull-time
Duties and Responsibilities
- Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the client site.
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures and as outlined in applicable System Security Plans (SSPs).
- Perform documented procedures for authorizing users to access information systems.
- Develop and maintain SSPs for system C&A.
- Manage Plans of Action and Milestones to closure for information systems under accreditation.
- Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices.
- Escalate questions/concerns/issues to more senior-level staff as required.
- Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls.
- Identify, promote, and make recommendations for process improvements.
- Affirm annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks.
- Ensure compliance of all network equipment with applicable DOE and ORNL requirements.
Qualifications
- Bachelor’s degree with 5-8 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.).
- An equivalent combination of education and experience may be considered.
- Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL.
- Excellent interpersonal, verbal, written, and presentation communication skills.
- Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and NIST Cybersecurity Framework (CSF).
- Working knowledge of privacy regulations and impacts.
- Ability to work independently, meet deadlines, and uphold high ethical standards.
Benefits
- Excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
- Cadre5 is an equal opportunity employer.
- Cadre5 is an E-Verify Employer.