Sr. Cyber Security Officer

Apply

Job Type

Full-time

Description

Sr. Cyber Security Officer

Job Type: Full-time

Description

Soliel, LLC is an accomplished and innovative Woman-Owned Small Business (WOSB) delivering IT engineering and critical mission support services to the public sector. Over the years, Soliel's team of technical experts has consistently delivered outstanding innovative solutions and services that meet or exceed our customer expectations and satisfaction. Soliel offers reach-back to experts in each field, a culture that supports employee growth and development, and a stable environment that affords cross-collaboration. We are currently seeking a Sr. Cyber Security Officer to support our NOAA customer's Enterprise-Wide Security Services Compliance (EWSSC) program.

Place of Performance: Silver Spring, MD

Start Date: Immediate

Clearance: Public Trust - (High/IT-related Risk; requires a Background Investigation)

Key Responsibilities:

• Perform annual reviews of Security and Privacy Assessment & Authorization (SPA&A) packages for NOAA systems, using NIST SP 800-37 Rev. 2 guidance, to verify the adequacy of security measures.
• Conduct cursory annual reviews of SPA&A packages for 100% of NOAA systems to identify weaknesses and ensure compliance with NOAA's Security and Privacy Controls Matrix (SPCM).
• Maintain, manage, and act as the Subject Matter Expert and Data Custodian for the NOAA FISMA repository tool, Cyber Security Assessment and Management (CSAM).
• Develop security metrics with risk scoring to demonstrate security efficacy, and create repeatable procedures for dashboards reporting risk management and compliance.
• Define standard procedures for onboarding new FISMA systems and creating "child" sub-systems.
• Assist with cloud computing activities, including interpreting complex regulatory frameworks (FedRAMP, NIST 800-53), reviewing FedRAMP packages, and facilitating cloud compliance audits.
• Coordinate common control providers to ensure all common controls are documented, assessed, authorized, and offered for inheritance within CSAM.
• Develop, schedule, and conduct role-based training for NOAA Information System Security Officers (ISSO), Information Technology Security Officers (ITSO), and System Owners (SO) on topics including CSAM usage, RMF processes, Cloud security, and Contingency Planning.

Required Skills:

• Must possess at least one IT security certification identified in the DOC "Cybersecurity Awareness and Training Standard v1.0" (e.g., CISSP, CISM, CISA, CGRC, or CompTIA Security+).
• In-depth knowledge of NIST special publications (including NIST 800-37 Rev 2 and NIST 800-53 Rev 5) and the Risk Management Framework (RMF).
• Minimum of 8 years of experience in Cyber Security.
• Hands-on experience managing and utilizing the Cyber Security Assessment and Management (CSAM) database for FISMA inventory and continuous monitoring.
• High-level knowledge of cloud computing, FedRAMP continuous monitoring, and the protection of data stored in the cloud.
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Understanding of system security concepts, including firewalls, intrusion detection systems, and access controls.
• ·Strong analytical, problem-solving, and communication skills.

COMPENSATION:

• Excellent compensation commensurate with experience in related field(s) and performance
• Major medical, dental, and vision
• Paid holidays
• Paid Time Off (PTO)
• 401k and company matching

ABOUT US:

Mission

To provide innovative IT solutions and services that enable our customers to effectively make critical decisions, improve productivity, and achieve business and operational success. We champion integrity and work with our customers in a collaborative and professional manner.

Our Approach | a proven system

Soliel has developed a systematic approach to technical problem solving - PARDIO - Plan, Analyze, Research, Design, Implement, and Optimize. PARDIO is the result of years of experience and performance and provides our team with the ability to deliver superior technical solutions and proven customer satisfaction.

Our Expertise | an industry leader

Soliel specializes in the design, development, implementation, operation, and management of enterprise Information Technology (IT) systems, such as enterprise Internet Protocol (IP) networks, software applications and services, cloud computing systems, network, and application and storage hosting environments in data centers.

Our People | a dedicated team that delivers