Jobs · Information Technology · Tennessee

Senior Information Systems Security Officer ISSO

Cadre5 · Knoxville, TN · 4 mo ago
On-siteInformation TechnologyFull-time

Duties and Responsibilities

  • Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the client site.
  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures and as outlined in applicable System Security Plans (SSPs).
  • Perform documented procedures for authorizing users to access information systems.
  • Develop and maintain SSPs for system C&A.
  • Manage Plans of Action and Milestones to closure for information systems under accreditation.
  • Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices.
  • Escalate questions/concerns/issues to more senior-level staff as required.
  • Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls.
  • Identify, promote, and make recommendations for process improvements.
  • Affirm annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks.
  • Ensure compliance of all network equipment with applicable DOE and ORNL requirements.

Qualifications

  • Bachelor’s degree with 5-8 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.).
  • An equivalent combination of education and experience may be considered.
  • Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL.
  • Excellent interpersonal, verbal, written, and presentation communication skills.
  • Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and NIST Cybersecurity Framework (CSF).
  • Working knowledge of privacy regulations and impacts.
  • Ability to work independently, meet deadlines, and uphold high ethical standards.

Benefits

  • Excellent pay and benefits, to include full medical, dental, and vision coverage coupled with 401K match, 15 days PTO, and 10 holidays.
  • Cadre5 is an equal opportunity employer.
  • Cadre5 is an E-Verify Employer.

Similar jobs