Senior ISSO(Cloud)

Senior ISSO(Cloud)

Vacancy expired!

NikSoft is currently conducting a search for a Senior ISSO to support the Cyber Security program (Risk Management Office) at the United States Postal Service. The candidate will have expertise in system certification & accreditation (C&A) processes; information assurance (IA) processes; achieving system ATOs, and continuous monitoring. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US. Join the NikSoft team to scale your career to the next level.

• The candidate will drive the review and certification of information technology systems following the USPS CISO policies and procedures (modeled based on NIST RMF).
• The candidate will manage action items, work to resolve issues, and identify and document system risks and vulnerabilities.
• Providing input to and develop, write, edit and submit documentation in support of the project deliverables.
• Candidate must be able to clearly define tasking, communicate topics to leadership through concise and succinct presentations, to organize meeting preparation materials.
• Work closely with the system teams and program/project managers as well as interfacing with CISO and CIO stakeholders as needed.
• Oversee the information assurance (IA) program of an information system in or outside the network environment; may include recommendation and justification for procurement duties.
• Establish audit policy and reporting mechanisms for ensuring compliance with IA/IS standards by keeping current with IA/IS requirements.
• Lead the development of risk management by creating plans, procedures, protocols, and evaluation measures and ensuring there are desired levels of enterprise-wide IA/IS.
• Oversee the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents

• Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 7+ years of overall experience.
• 5+ years of experience working as an ISSO or Information Assurance analyst.
• 2+ years of hands on experience working in a cloud (IaaS, PaaS, SaaS) environment. Microsoft Azure and Office 365 experience is highly desired.
• Strong knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
• Hands on experience creating ATO packages, and continuous monitoring compliance in a large-scale enterprise environment is required.
• Working experience with a GRC tool (preferably RSAM)
• DevSecOps experience.
• Experience working with leading edge technologies and innovative risk compliance and mitigation processes (automated monitoring, automated ATOs, etc.).
• Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
• Must have strong knowledge of MS Office products to include PowerPoint, Word, Excel, and Outlook.
• A self-starter with proven abilities to collaborate and gather information from multiple teams.
• Certification in one or more of; Systems Security Certified Practitioner (SSCP), CompTIA Security+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker, or Certified Information System Security Professional (CISSP)
• Demonstrable experience with Security Operation tools inclusive of products from SPLUNK, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, and Tanium