Job Overview:
Seeking an ISSO to lead a team that ensures cybersecurity policy compliance, endpoint security, and cyber security administration in support of PEO Aviation located in Huntsville, AL. This is an SME level position. The successful candidate will lead PEO Aviation’s ELAN Cyber Team to maintain and strengthen the security posture of PEO Aviation’s enterprise network.
Responsibilities
- Ability to oversee and assign daily tasks to a team of cybersecurity professionals
- Ability to manage projects that relate to cybersecurity
- Assists in the development of application security policies.
- Establish procedures & processes to ensure tracking and mitigation of risks identified during the ATO process.
- Develop and update Interconnection Security Agreement documentation as needed.
- Develop and update System Security Plans (SSPs) and supporting documentation.
- Assisting with tailoring of security control baselines for general support system and other FISMA reportable systems, including cloud systems utilizing FedRamp controls.
- Collecting and validating control implementation statements from subject matter experts.
- Oversee development of security and privacy control implementation statements per NIST SP 800-53 and agency security policy standards.
- Assist with the migration to NIST SP 800-53 Rev 5, identifying gaps and providing understanding of new requirements to technical teams for implementation.
- Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
- Review and assess POA&M outputs, recommending additional work or closure.
- Support the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
- Document and communicate control deficiencies for POA&M consideration.
- Assist in developing security policies, ensuring compliance, and updating documentation.
- Provide information for status reports, briefings, schedules, and project plans in written and oral form.
- Ensures domain level Group Policy configurations are in place and compliant with approved security posture.
- Compliance and Auditing processes and inspections for all applications; ensures validity and accuracy review of all associated documentation.
- Performs compliance reviews of applicable STIGs, performs risk assessments, and performs security test evaluations and audits.
- Analyzes security requirements for information protection for enterprise applications.
Qualifications
- Ability to interpret and apply DOD and Army level cyber instructions and regulations
- Ability to apply cybersecurity theories and principles to a large complex IT system
- Excellent written and oral communication skills
- Understanding of the application of DISA STIGs
- Ability to manage people, schedules, tasks, and projects
Requirements (minimum):
- BA/BS with 5+ years of experience or AA with 7+ years of experience
- Active Secret Clearance
- IAT II Certification
Desired Skills:
- Experience with RMF
- Experience with eMass
- Experience with Windows and Linux operating systems
- Experience with Trellix, ESS, Elastic, ACAS, NESSUS, SCCM, PowerShell
Special Requirements:
- Must be a U.S. citizen.
- Must have ACTIVE secret security clearance
Geeks and Nerds is an innovative technology company that encourages ingenuity, defies the norm, fosters teamwork, and defines the future for our community and nation. We are an Employee-Owned company which means our dedicated team members are also the owners of Geeks and Nerds. When you join GaN, you are not an employee; you are the future owner of Geeks and Nerds.
Come join the company that develops innovative solutions that makes a positive difference in our community and nation. Come join the exceptionally talented and dedicated co-owners. Join a company of significance!
GaN Corporation is an Equal Opportunity Employer. We are pleased to consider all qualified applicants for employment without regard to race, color, gender, sexual orientation, gender identity, religion, national origin, age, marital status, veteran status, disability, genetic information, or any other legally protected classifications. GaN Corporation participates in E-Verify.