Position: ISSO Systems Administrator
Location: Rosslyn, VA- Hybrid for 2 days onsite
Duration: Fulltime Permanent Position
Duties and responsibilities:
Prior experience performing system administrator tasks with installation, maintenance, and support of multi-platform technology, client/server infrastructure on Windows and Linux environments.
Must have strong logic skills and ability to understand and trouble-shoot technology issues, including networking and server configurations.
Responsible for installing and maintaining Nessus Professional. Generate vulnerability scans for Windows and Netapp Devices
Analyze system vulnerabilities using Tenable scans and STIG Viewer. Remediate high and critical vulnerabilities.
Create, Test, Apply, and Troubleshoot Group Policy Objects
Experience with Domain Controller.
Perform and set up Disaster Recovery plan and documentation.
Serve as the lead for all program Security Assessment and Authorization (SA&A) activities
Lead the evaluation of security solutions to ensure they meet security requirements for processing protected and sensitive information
Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies
Establish and maintain the appropriate operational information assurance (IA) posture
Develop and update the system security plan and other SA&A documentation
Propose, coordinate, implement, and enforce security policies, standards, and methodologies.
Establish and maintain operational security posture.
Assist with information system security management and day-to-day security operations.
Provide CM as needed for security software, hardware, and firmware. Manage system changes and assess security impacts.
Prepare and review SSPs, Risk Assessment Reports, C&A packages, and SRTMs.
Support security authorization activities in compliance with Government standards and the RMF
Must have:
Five (5) years of experience as an ISSO, including experience maintaining System Security Plans (SSPs) and performing SA&A compliance activities
Deep technical understanding of core current cybersecurity technologies and Encryption techniques/tools.
Possess the knowledge of security best practices, security solutions, and methodologies for risk management per NIST Cybersecurity Framework guidelines
Good to have:
Experience providing information security support for hybrid cloud solutions
Experience with Splunk (search and reporting)
Knowing how to build Splunk dashboards is a plus
Certified Systems Security Professional (CISSP) certification