Dark Wolf Solutions is seeking a highly experienced and skilled professional to join our organization as a Senior Information Systems Security Officer (ISSO). As a senior-level ISSO, you will assume a leadership role in shaping and executing the information security program, ensuring compliance with CISA/DHS policies and directives. You will provide expert guidance, lead security initiatives, and collaborate with stakeholders to protect critical information systems and assets in support of CISA/DHS's mission to safeguard the nation's security. This position is expected to be primarily remote, but candidates must reside within 50 miles of a Dark Wolf Office location.
Key responsibilities include, but are not limited to:
- Supporting the preparation of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, risk assessment reports, and other necessary artifacts.
- Coordinating with stakeholders to ensure ATO package documentation aligns with industry best practices, NIST guidelines, and agency-specific requirements.
- Assisting in conducting internal reviews and assessments to ensure ATO package documentation accurately reflects the current security posture and controls in place.
- Developing and overseeing the implementation of comprehensive information security policies, procedures, and guidelines, aligned with DHS directives and industry best practices, to establish and maintain an effective security posture.
- Conducting in-depth risk assessments, security audits, and vulnerability assessments to identify threats and vulnerabilities, and develop robust risk mitigation strategies in accordance with DHS guidelines and relevant frameworks (e.g., NIST, FISMA).
- Leading incident response efforts, directing response teams, conducting forensic analysis, coordinating with relevant authorities, and ensuring compliance with CISA/DHS incident handling protocols.
- Mentoring and providing guidance to junior ISSOs and security personnel, fostering professional growth and ensuring the development of a capable and cohesive information security team.
- Collaborating with stakeholders, system administrators, and network engineers to implement and maintain secure configurations for systems and networks, ensuring their compliance with CISA/DHS security standards.
- Maintaining and enhancing security monitoring systems, including intrusion detection/prevention systems (IDS/IPS), SIEM tools, and security event correlation platforms, to proactively detect and respond to potential security incidents within DHS systems.
- Performing security evaluations and assessments of technology infrastructure, systems, and applications, ensuring their compliance with DHS regulations, standards, and guidelines.
- Managing relationships with internal and external auditors, providing necessary documentation and coordinating audit activities to ensure compliance with DHS requirements.
- Staying informed about emerging cybersecurity threats, trends, and technologies, conducting research and analysis to identify potential risks and develop proactive measures to protect critical information systems within DHS.
- Collaborating with stakeholders to identify and implement security controls and countermeasures for new projects, systems, and applications, considering DHS's unique security requirements and risk tolerance.
Required Qualifications:
- Bachelor's degree in information security, computer science, or a related field
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other relevant certifications highly desired
- Minimum of 7-10 years of progressive experience in information security, with a significant focus on managing and implementing information security programs within the DHS or other federal agencies
- Experience supporting the preparation and maintenance of Authorization to Operate (ATO) package documentation, including security assessment reports, system security plans, and other necessary artifacts
- Familiarity with NIST guidelines, industry best practices, and agency-specific requirements related to the ATO process
- Deep knowledge of DHS information security frameworks, regulations, and standards, such as NIST, FISMA, and CISA guidance, with direct experience in implementing and interpreting these requirements
- Extensive experience in leading and conducting risk assessments, security audits, incident response efforts, and vulnerability management activities within the context of DHS operations
- Experience performing security assessments, vulnerability assessments, and penetration testing within a complex enterprise environment
- Familiarity with security control frameworks and standards, such as NIST SP 800-53, FIPS 199, and NIST SP 800-37
- Knowledge of ATO processes, NIST guidelines, and industry best practices related to system security plans, security assessments, and ATO package preparation
- Excellent leadership and interpersonal skills, with the ability to effectively collaborate, mentor, and communicate complex security concepts to technical and non-technical stakeholders at all levels within a DHS environment
- Proven track record of successfully managing complex security initiatives and projects, ensuring delivery within established timelines and resource constraints
- In-depth knowledge of advanced threat actors, emerging cyber threat landscape, and evolving cybersecurity technologies and trends within the specific context of DHS missions
- Up-to-date expertise in cybersecurity regulations, industry standards, and emerging best practices, with the ability to translate them into actionable strategies and initiatives to enhance the DHS's security posture
- US citizenship and ability to obtain and maintain a DHS Suitability/Entry on Duty (EOD)
Desired Qualifications:
The estimated salary for Journeyman to Senior candidates is expected to be $110,000.00 - $150,000.00, commensurate with experience.