ISSO - Clarksburg, WV

• Must have a TS/SCI with Counterintelligence Polygraph
• Demonstrate expertise in systems security requirements and policy.
• Demonstrate expertise in incident response and management.
• Demonstrate experience and knowledge with security frameworks and standards such as NIST, ISO 27001, and CIS Controls.
• Demonstrate experience and knowledge of security technologies, tools, and methodologies (e.g. firewalls, IDS /IPS, SIEM systems).
• Demonstrate experience and knowledge with cloud security frameworks and associated controls.
• Demonstrate experience and knowledge with system engineering and principles and practice.
• Demonstrate experience and knowledge with secure software development lifecycle methodologies.
• Demonstrate experience and knowledge with risk assessments, threat modeling, and vulnerability management.
• Demonstrate experience and knowledge with secure architecture design and implementation.
• Demonstrate experience and knowledge with integrating security controls into system development.
• Demonstrate experience and knowledge with designing and implementing secure system architectures.
• Work is onsite in Clarksburg, WV Monday -Friday 8am -5pm.

• Five (5) years of ISSO experience.
• Experience securing cloud-native systems, implementing security gates om CI/CD, or managing AI/MIL model risks within federal or mission critical settings. Conduct risk assessments and vulnerability assessments to identify, evaluate, and prioritize security risks to the organizations information systems.
• Identify information protection needs for an information system and Network Environment.
• Define IS and Network Environment security requirements in accordance with applicable cybersecurity requirements.
• Design and develop cybersecurity-enabled products for use within an information system and network environment.
• Integrate and/or implement security with Cross Domain Solutions (CDS) for use within an information system and network environment.
• Develop and implement security designs for new or existing network system(s), include system deployed into the cloud. Ensure that the design of hardware, operating systems, and software applications adequately address cybersecurity requirements and implementation of EO14028 for the information system and network environment.
• Design, develop, and implement network security measures that provide confidentially, integrity, availability, authentication, and non-repudiation.
• Shall design, develop, and implement specific cybersecurity countermeasures for the information system and network environment.
• Develop interface specifications for the information system and network environment.
• Develop approaches to mitigate information system and network environment vulnerabilities and recommend changes to network or network system components as needed.
• Ensure that network system(s) designs support the incorporation of FBI directed cybersecurity vulnerability solutions.
• Design, develop, and implement cybersecurity capability into the CI/CD pipeline.
• Assist with other duties as assigned in the unit.
• Operate within Risk Management Framework, including Step 1-6, and ensure ongoing compliance through Continuous Monitoring.
• Design and implement security controls and validate their effectiveness.
• Configure and execute Nessus scans, interpret results, and feed findings into POA&M and risk analysis processes.
• Support system design reviews, architecture security assessments, and integrate security from requirements through sustainment.
• Secure cloud-based architectures (AWS, Azur, etc.) integrate security into CI/CD pipelines (DevSecOps), and apply NIST and DoD guidance AI tools and services in cloud environments.
• Able to work in a 24/7 operational environment.

Powered by JazzHR