Intermediate ISSO Control Evaluator

Zolon Tech

Washington, DC

JOB DETAILS
SKILLS
Background Investigation, Business Intelligence, Business Processes, Change Control, CompTIA - Computing Technology Industry Association, Computer Science, Computer Security, Content Development, Data Mining, Data Structures, Develop Methodologies, Documentation, FISMA - Federal Information Security Management Act, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Metrics, Privacy Controls, Project Tracking, Reporting Dashboards, Risk, Risk Analysis, Risk Management, Security Monitoring, Systems Administration/Management, Systems Analysis, Training/Teaching Materials, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Washington, DC
POSTED
6 days ago
The Intermediate ISSO/Control Evaluator serves as the principal advisor to the information systems owners, business process owners, and Information System Security Manager (ISSM) on all matters, technical and otherwise, involving the security of an information system.

Duties and Responsibilities:
Create, update, revise, and maintain cybersecurity and privacy documentation for each assigned system
Provide security and privacy controls assessment and continuous monitoring assessment support for all systems
Develop and sustain in-depth technical, operational, and working-level expertise about the systems and applications assigned
Actively participate in change control processes
Ensure systems are onboarded into the enterprise tools and reporting mechanisms
Design, construct, automate, and maintain visualizations (dashboards) and the underlying data structures that reflect the status or effectiveness of controls, monitoring status, capabilities, or metrics
Collect, compile, validate, and submit FISMA reporting metrics representing all systems, services, applications, and programs
Support and facilitate internal and external audits of assigned FISMA systems
Provide cybersecurity- and privacy-related awareness training content and development support
Provide support for the integration of cybersecurity and privacy risks into the Enterprise Risk Management (ERM) function, to support FISMA requirements
Other duties as assigned.

Minimum Qualifications:
Bachelor's in Computer Science, Information Technology, Cybersecurity, or a related discipline
5+ years of experience developing the required documents for the A&A, 5+ years of experience implementing NIST 800-53A security controls; 1 year of experience in data structures, data mining, business intelligence
ISC(2) CGRC, CompTIA CASP+ or similar level certification preferred
Background check

Knowledge, Skills, and Abilities:
Experience in applying risk management techniques to develop and complete risk assessments based on NIST standards to ensure system design and implementation sufficiently addresses or mitigates IA risk.
Experience in data structures, data mining, and business intelligence, with the ability to correlate data across multiple disparate sources, linking common data elements, and constructing informative visualizations.
Knowledge of FISMA reporting requirements

Location: Washington, DC (Hybrid - 3 days onsite/ 2 days remote)

About the Company

Z

Zolon Tech