Information System Security Officer

February 20

Apply Now
Logo of NexThreat

NexThreat

NexThreat is a global cybersecurity firm that provides comprehensive data management, IT modernization, and cloud migration services. The company specializes in leveraging advanced data analytics, artificial intelligence, and machine learning to enhance cybersecurity measures and enable threat hunters to combat advanced adversaries effectively. NexThreat helps its clients across commercial, government, and defense sectors to reduce false positives, increase operational efficiency, and maintain compliance with the latest regulations. By focusing on intelligence, action, and security operations, NexThreat enhances its customers' cyber-fortitude and helps them achieve mission-critical objectives without compromising their data's confidentiality and integrity.

SIEM • Insider Threat • ArcSight • Splunk • Compliance

📋 Description

• Job Title: The Information System Security Officer (ISSO) • Location: Alexandria, VA, remote • Job Category: Information Technology • Time Type: Full-time • Clearance Requirement: No clearance required • Employee Type: W2 or 1099 • Citizenship: US Citizen, no Dual Citizenship • NexThreat is seeking an Information System Security Officer (ISSO). The perfect candidate will be responsible for overseeing the security of information systems within the organization. The ISSO ensures compliance with applicable security policies and regulations, including but not limited to the Risk Management Framework (RMF) and various cybersecurity standards. This position demands a proactive approach to risk management and incident response within a cloud computing environment. • Key Responsibilities: • Provide Risk Management Framework (RMF) Support • Maintain and renew existing Impact Level 4 (IL4) cloud ATO. • Update records in the Enterprise Mission Assurance Support Service (eMASS), CWBI Hub, and Confluence to include system management information, security controls, implementation plans, control status continuous assessments, and a continuous monitoring plan. • Analyze Personally Identifiable Information (PII) and Controlled Unclassified Information (CUI) within CWBI and prepare Privacy Impact Assessments and System of Record Notices (SORN). • Maintain and update Record Management Surveys (RMS) and supporting documents. • Coordinate with SCA-V or DoD Continuous Monitoring program for assessments. • Perform post-assessment actions, including creating a Plan of Action and Milestones (POA&M), Security Assessment Reports (SAR), and coordinating finalized authorization decisions with USACE CIO/G-6 and the Authorizing Official. • Facilitate CWBI change management activities utilizing standard DevSecOps solutions. • Track change management items from reception to completion. • Conduct security impact assessments for proposed changes. • Analyze CWBI modules for configuration changes using automated means. • Establish and maintain baseline hardware and software configurations, as well as documentation for ports, protocols, and services management (PPSM). • Update CWBI system documentation in eMASS, Army Portfolio Management Solution (APMS), CWBI Hub, and Confluence as required. • Provide Tier 3 Cyber Security Service Provider (CSSP) Support • Conduct Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), and Army Endpoint Security Solution (AESS) scanning. • Coordinate system access for necessary scans. • Compile and analyze monthly vulnerability reports, categorizing impact levels and assisting CWBI PMO in prioritizing work to mitigate risks. • Provide code vulnerability testing, dynamic code scanning, and cloud storage management services compatible with tools such as Burp Suite, Cloudberry, and ThunderScan, ensuring any licenses are the property of USACE. • Conduct Security Content Automation Protocol (SCAP), Security Technical Implementation Guide (STIG), and Federal Risk and Authorization Management Program (FedRAMP) analyses. • Perform quarterly SCAP and STIG assessments and analyze results for impacts/risks. • Upload results into eMASS and assist CWBI PMO with risk prioritization. • Continuously monitor system security events via logging and monitoring tools. • Process event log notifications and create service tickets for appropriate technical groups. • Track service ticket resolutions until successful completion. • Qualifications • Bachelor's degree in Computer Science, Information Systems, or a related field. • Relevant certifications (e.g., CISSP, CISM, Security+) preferred. • Proven experience in cybersecurity, RMF, or a related field. • Familiarity with cloud security compliance requirements and configurations. • Strong analytical and problem-solving skills.

🎯 Requirements

• Bachelor's degree in Computer Science, Information Systems, or a related field. • Relevant certifications (e.g., CISSP, CISM, Security+) preferred. • Proven experience in cybersecurity, RMF, or a related field. • Familiarity with cloud security compliance requirements and configurations. • Strong analytical and problem-solving skills.

Apply Now

February 19

Join Netflix as an Application Security Engineer, ensuring security for a diverse software ecosystem.

February 16

Ensono

1001 - 5000

Join Ensono to oversee security processes for mainframe systems and client support.

Discover 100,000+ Remote Jobs!

Join now to unlock all job opportunities.

Find your dream remote job

Discover hidden jobs

We scan the internet everyday and find jobs not posted on LinkedIn or other job boards.

Head start against the competition

We find jobs within 24 hours of being posted, so you can apply before everyone else.

Be the first to know

Daily emails with new job openings straight to your inbox.

Choose your membership

Cancel anytime

Loved by 10,000+ remote workers

Wall of Love

Frequently asked questions

We use powerful scraping tech to scan the internet for thousands of remote jobs daily. It operates 24/7 and costs us to operate, so we charge for access to keep the site running.

Of course! You can cancel your subscription at any time with no hidden fees or penalties. Once canceled, you’ll still have access until the end of your current billing period.

Other job boards only have jobs from companies that pay to post. This means that you miss out on jobs from companies that don't want to pay. On the other hand, Remote Rocketship scrapes the internet for jobs and doesn't accept payments from companies. This means we have thousands more jobs!

New jobs are constantly being posted. We check each company website every day to ensure we have the most up-to-date job listings.

Yes! We’re always looking to expand our listings and appreciate any suggestions from our community. Just send an email to Lior@remoterocketship.com. I read every request.

Remote Rocketship is a solo project by me, Lior Neu-ner. I built this website for my wife when she was looking for a job! She was having a hard time finding remote jobs, so I decided to build her a tool that would search the internet for her.

Why I created Remote Rocketship

Choose your membership

Cancel anytime

Loved by 10,000+ remote workers
Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com