Posted : Wednesday, September 27, 2023 01:37 PM
ICF is a mission-driven company filled with people who care deeply about improving the lives of others and making the world a better place.
Our core values include Embracing Difference; we seek candidates who are passionate about building a culture that encourages, embraces, and hires dimensions of difference.
ICF is hiring a highly cleared Sr. ISSO.
This role will be based on the client site in Aberdeen, MD.
Key Responsibilities: Leads the evaluation of cyber security risks (external & internal threats, platform & application vulnerabilities, data protection, etc.), testing controls designed to mitigate risk, communicating issues and findings to management, devising solutions for business improvements, and following-up on corrective actions, may participate on and lead professional teams to execute technical audit projects focused on evaluating the effectiveness of cyber security governance, tools and operations, may evaluate the design, effectiveness and efficiency of information technology and security processes, procedures, and technical controls including solution implementations, identify and address systemic gaps in cyber security risk management.
Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and AR 25–2.
Responsible for ensuring the appropriate operational security posture is maintained for the information system (IS) on multiple security domains and classifications to meet Intelligence Community (IC), DoD and Army cybersecurity/information assurance regulations and policies.
Direct experience with implementation of Intelligence Community (IC), DoD and Army regulations (such as DOD-I-8500, DOD-I-8510, ICD 503, NIST 800-53, CNSSI 1253, Army AR 25-2) and RMF security control requirements, and able to provide technical direction, interpretation and alternatives for security control compliance.
Prepare Risk Management Framework (RMF) system accreditation Body of Evidence (BOE) packages using the eMASS, XACTA or other approved A&A tool to include, System Security Plans, Risk Assessment Reports, System Requirements Traceability Matrices (SCTM), and other documentation as required by ICD 503, NIST 800-53, CNSSI 1254 and any additional documentation as determined by the Authorizing Official (AO).
Direct experience with eMASS, XACTA or other A&A repositories required.
Develops, reviews, evaluates and verifies self-testing results to validate that enclave security requirements (in accordance with applicable Intelligence Community, DoD and Army cybersecurity and Information Assurance (IA) regulations, policies and organizational security policies) in Information Systems (ISs) are met.
ISs include Cross Domain Solution Suites (CDSS), Cloud, On-Prem, Tactical, etc., within the program’s portfolio.
Ensure the appropriate organizational operational security posture is maintained for the assigned Army IS.
Ensure Army IS cybersecurity-related documentation is current and accessible to properly authorized individuals.
Prepare, distribute, and maintain plans, instructions, and SOPs concerning system security.
Review and evaluate the effects on security of system changes, including interfaces with other ISs, and document all changes.
Develops and reviews necessary change management processes and artifacts to support updates to system A&As.
Fully understand the DISA Ports, Protocols, and Services Management (PPSM) requirements and be able to obtain a PPSM account for management of PPSM for supporting systems.
Must be willing to travel, as needed, 25% or more.
Basic Qualifications: Active High Level Security Clearance is required.
Bachelor's Degree.
10 years of experience.
Additional Skills: DOD 8570 certification level IAM III (acceptable certifications include CASP+, CISSP, CISM, GSLC, or CCISO).
Working at ICF: ICF is a global advisory and technology services provider, but we’re not your typical consultants.
We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.
We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive.
We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status.
Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals.
For more information, please read our EEO & AA policy.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process.
To request an accommodation please email icfcareercenter@icf.com and we will be happy to assist.
All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about non-discrimination: Know Your Rights and Pay Transparency Statement.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position is: $127,478.00 - $216,712.00
Maryland Client Office (MD88)
• Phone : NA
• Location : Aberdeen, MD
• Post ID: 9057877300