ISSO Systems Admin

Position: ISSO Systems Administrator

Location: Rosslyn, VA- Hybrid for 2 days onsite

Duration: Fulltime Permanent Position

Duties and responsibilities:

Prior experience performing system administrator tasks with installation, maintenance, and support of multi-platform technology, client/server infrastructure on Windows and Linux environments.

Must have strong logic skills and ability to understand and trouble-shoot technology issues, including networking and server configurations.

Responsible for installing and maintaining Nessus Professional. Generate vulnerability scans for Windows and Netapp Devices

Analyze system vulnerabilities using Tenable scans and STIG Viewer. Remediate high and critical vulnerabilities.

Create, Test, Apply, and Troubleshoot Group Policy Objects

Experience with Domain Controller.

Perform and set up Disaster Recovery plan and documentation.

Serve as the lead for all program Security Assessment and Authorization (SA&A) activities

Lead the evaluation of security solutions to ensure they meet security requirements for processing protected and sensitive information

Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies

Establish and maintain the appropriate operational information assurance (IA) posture

Develop and update the system security plan and other SA&A documentation

Propose, coordinate, implement, and enforce security policies, standards, and methodologies.

Establish and maintain operational security posture.

Assist with information system security management and day-to-day security operations.

Provide CM as needed for security software, hardware, and firmware. Manage system changes and assess security impacts.

Prepare and review SSPs, Risk Assessment Reports, C&A packages, and SRTMs.

Support security authorization activities in compliance with Government standards and the RMF

Must have:

Five (5) years of experience as an ISSO, including experience maintaining System Security Plans (SSPs) and performing SA&A compliance activities

Deep technical understanding of core current cybersecurity technologies and Encryption techniques/tools.

Possess the knowledge of security best practices, security solutions, and methodologies for risk management per NIST Cybersecurity Framework guidelines

Good to have:

Experience providing information security support for hybrid cloud solutions

Experience with Splunk (search and reporting)

Knowing how to build Splunk dashboards is a plus

Certified Systems Security Professional (CISSP) certification