ISSO Specialist Security Clearance

Position: ISSO Specialist with Security Clearance
ISSO Specialist Clearance Level: Must have a Secret Clearance or Higher to be considered. Must be US Citizen At Aquila Technology, you will see our team's passion every day, whether we are building a robust, policy-compliant IT system or stress-testing a system to identify gaps and security vulnerabilities. To own the advantage, we ensure our team owns results and gets the work done right the first time by deploying smart, purposeful solutions that work.

Aquila is the right people with the right skills driving the right outcomes. We call this the Aquila Advantage. Aquila Technology is seeking a ISSO Specialist to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).

Must Have
* Certification - Current DoD 8570 IAT Level II Certification (GSEC, Security+ CE, SSCP, CCNA-Security)
* Degree Level - Bachelor's Degree
* Clearance Level - Currently holds a Secret Clearance (OR a higher clearance) Experience
* 5 years - System Auditing
* 5 years - Regulatory & Compliance
* 5 years - Government Policy/Regulations
* 5 years - STIGs/SCAP
* 5 years - Security
* 5 years - Assessing Security Controls (CS105.16)
* 5 years - Assessment and Authorization
* 5 years - Authorizing Systems (CS106.16)
* 5 years - Categorization of the System (CS102.16)
* 5 years - Continuous Monitoring (CS200.16)
* 5 years - Implementation of Controls (CS104.16)
* 5 years - Monitoring Security Controls (CS107.16)
* 5 years - NIST 800-171
* 5 years - NIST 800-53
* 5 years - NIST SP 800-37
* 5 years - Risk Management Framework (RMF)
* 5 years - Selecting Security Controls (CS103.16) Position Scope/Job Functions/

Core Responsibilities:

* Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).
* Work with the ISSM on compliance activities including RMF Accreditation of several complex information systems
* Assist in the security configuration and management of collateral classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows
* Confirm that plans of actions and milestones (POA&M) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
* Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
* Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
* Utilizing previous RMF experience, recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
* Act as primary author on the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
* Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures
* Collect, analyze, and store system audit records
* Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation
* Prepare for and participate in periodic organization compliance assessments
* Ensure account management documentation is complete and updated
* Maintain configuration management documentation (change tracking, maintenance logs, etc.)
* Serve as a member of the Configuration Control Board (CCB) as needed

Required:

Demonstrated understanding of the following security frameworks is required:
* NIST 800-53 / Risk Management Framework (RMF)
* Joint SAP Implementation Guide (JSIG)
* Intelligence Community Directive (ICD) 503
* National Industrial Security Program Operating Manual (NISPOM) Chapter 8
* DoD Manual 5205.07 Volumes 1- 4
* Assessment and Authorization Manual (DAAPM)
* BS degree in Information Security, Computer Science, Cybersecurity, Information Technology, Computer Information Systems, or related discipline is required. Technical experience, skills, and course work completed towards an Undergraduate Degree, or industry IT certifications may be considered in lieu of education or DoD security experience requirements
* Possess a DoD 8570.01-M IAM I baseline certification (e.g. CompTIA Security+). The group will consider someone w/out this certification IF they are willing to obtain in first 6 months at supplier or candidate's expense
* Demonstrated experience with vulnerability scanning and auditing tools and processes is required
* Experience and familiarity with multiple operating…