ISSO Specialist Job at SGS Consulting, Massachusetts

  • SGS Consulting
  • Massachusetts

Job Description

Job Responsibilities:

  • Develop and maintain IS security program and policies for assigned areas of responsibility.
  • Oversee operational IS security implementation policy and guidelines.
  • Monitor system vulnerabilities, attacks, and recovery processes to ensure compliance with security requirements.
  • Conduct security assessments, tests, and reviews; take corrective measures when incidents or vulnerabilities are discovered.
  • Ensure proper configuration management and adherence to system security procedures as outlined in the SSP.
  • Develop and update System Security Plans (SSP); manage and assess the impact of system changes.
  • Maintain and analyze user activity monitoring data in accordance with ITPSO policies.
  • Develop and maintain POA&Ms to track and mitigate IS weaknesses.
  • Ensure all users have required security clearances and understand their security responsibilities.
  • Assist Program Managers and ISSM with SSPs, POA&Ms, Risk Assessments, and Continuous Monitoring Strategies.
  • Conduct vulnerability scanning, configuration assessments, and remediation.
  • Align IT security priorities with organizational security strategies.
  • Participate in compliance assessments and interpret noncompliance patterns for risk impact.
  • Ensure systems are operated, maintained, and disposed of in compliance with organizational security policies.
  • Support compliance activities and ensure that security configuration guidelines and remediation plans are followed.
  • Promote security awareness and sound security practices across the organization.
  • Prepare technical documentation, incident reports, and situational awareness summaries for key stakeholders.
  • Participate in occasional off-hours or weekend work to support mission requirements or inspection deadlines.

Skills:

  • System Auditing (4 years)
  • Regulatory & Compliance (4 years)
  • STIGs/SCAP (4 years)
  • Assessing Security Controls (CS105.16) – 4 years
  • Assessment and Authorization (4 years)
  • Authorizing Systems (CS106.16) – 4 years
  • Categorization of the System (CS102.16) – 4 years
  • Continuous Monitoring (CS200.16) – 4 years
  • Implementation of Controls (CS104.16) – 4 years
  • Monitoring Security Controls (CS107.16) – 4 years
  • NIST 800-53 (4 years)
  • NIST SP 800-37 (4 years)
  • Risk Management Framework (RMF) (4 years)
  • Selecting Security Controls (CS103.16) – 4 years
  • Nice to Have: HBSS, NIST 800-171

Education/Experience:

  • Bachelor’s Degree (Preferred)
  • Current DoD 8570 IAT Level II Certification (Security+ CE, GSEC, SSCP, CCNA-Security) – Required
  • Active Top Secret Clearance with SCI Eligibility (CI Polygraph may be required)
  • 4+ years of relevant experience in cybersecurity and information assurance
  • Security Plus is the minimum 8570 certification requirement
