AWS ISSO

A client is looking for a fully remote ISSO to join their team. The ideal candidate will become part of a Data Center and Cloud Optimization program joining the Security team and plays a Cybersecurity operational compliance role . The position is responsible for performing as a named ISSO for Government Systems and assisting other ISSOs with end-to-end Governance Risk and Compliance (GRC) functions that entails security control implementation, continuous monitoring, and federal Assessment and Authorization (A&A) activities. In a typical engagement, the ISSO operates as a trusted advisor in the organization, working with senior management and focusing specifically on the security environment in relation to client business objectives. The ISSO helps to understand operational issues and plans the next steps in collaboration with Cybersecurity Manager from an information security viewpoint. The position will be able to demonstrate industry expertise and thorough understanding of security governance, vulnerability assessment, risk and compliance domains. This position requires the ability to interact and influence at an organizational level to carry out governance, risk and compliance activities. This is a fully remote role working 9-3pm EST for their core hours.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

-Ability to obtain DHS EOD
-High School Diploma and 6 years of experience
-Must have 5+ years of experience as a NAMED ISSO for a Govt System(s
-Knowledge of the security countermeasures and overall RMF and NIST compliance guidelines
-Ability to influence OCISO Delivery system stakeholders in the execution of security and compliance requirements.
-Experience working with the National Institute of Standards National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) requirements and reporting.
-Experience in managing security Certification and Accreditation activities utilizing common control frameworks.
-Experience with risk mitigation and selecting or designing appropriate security controls for implementation.
-Experience applying cloud security concepts, requirements, design development, implementation, and integration for existing and new technology product offerings.
-Experience with overseeing compliance programs in Microsoft Azure, Amazon AWS, PCI DSS, and FedRamp cloud environments
-Experience with Tenable, Palo Alto, or other cloud-based infrastructure vulnerability scanning platforms.
-Experience in coordinating, monitoring and tracking security activities across multiple organizations.
-Experience in managing security posture of cloud environment, and working with engineering teams to remediate, and communicating overall risk of environment while identifying areas of improvement.
-Demonstrated understanding and experience with DevSecOps
-Knowledge of Federal Government Security, industry and market trends and CS&PSS business and offerings
-Understands federal security and regulations.

Preferred Certifications: CISSP or CISM; At least one Cloud Security Certification: AWS Security Professional; CCSP; CCSK, CISA, CRISC, GSEC, ComTIA Sec+

Experience of working with Federal Information Processing (FIPS), FISMA, FedRAMP and Other Cyber Security related laws, regulations and directives

Experience with cloud-based infrastructure vulnerability scanning platforms

Experience of presenting at client meetings

Experience of translating contractual security requirements to deliverables.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.