Acara Solutions is seeking an Information Systems Security Officer for our client in Fairfax, VA.

• The candidate will be designated as an Information Systems Security Officer (ISSO) supporting multiple Special Access Programs administering the Information Assurance (IA) Cyber duties for government customers.
• Components of the IA program include Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing), security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers), conducting self-inspections, audit trail review, and delivering information systems security education and awareness.
• The candidate must be a self-starter capable of multitasking and efficiently managing their time in a dynamic environment while requiring minimal supervision.
• Additionally, the candidate will possess effective written, speaking, analytical, organizational, and customer service skills that will assist them in identifying solutions to complex compliance and security problems.
• The ISSO will coordinate duties with the System Administrators or Information Technology (IT) staff to ensure all configuration requirements are implemented and functional.
• The ISSO will conduct technical and nontechnical reviews and audits as the Information Systems Security Manager prescribes.
• As a member of the Information Assurance Security team, the ISSO supports system security categorization efforts, security requirements selection/analysis, and security control assessments and performs continuous monitoring.
• Executes or supports the execution of A&A activities, including developing required security documentation, including items such as System Security Plans, Security Assessment Reports, SCTM, and POA&Ms in compliance with IA policy.
• Perform weekly system audit reviews, media reviews, and hardware/software configuration management.
• Executes security testing and evaluation to ensure correct implementation of security controls.
• Supports the assessment and mitigation of vulnerabilities throughout a systems life cycle.
• Conduct IA security education training on appropriate risk mitigation strategies for all system users.
• Perform incident response and cleanup actions, when necessary, per company or customer directions.
• Ensure systems are operated, maintained, and disposed of by internal security policies and procedures outlined in the System Security Plan (SSP).
• Assume ISSM responsibilities as assigned by the Region Manager or in the absence of the ISSM.
• Maintains contact with external customer security professionals.

• Bachelor's Degree.
• Minimum of 5 years experience implementing government security requirements, including technical computer/network system auditing.
• Minimum of 5 years experience with various security assessment/hardening tools - STIGs, SCAP, ACAS, Nessus, etc.

• Master's Degree.
• DoD 8570 IAM-I level professional certification (Security + CE, CAP, GSLC) or ability to obtain within six (6) months of hire.
• Systems administration experience.
• Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), JSIG (Joint SAP Implementation Guide), ICD-503, NIST SP 800-53.
• Trained and proficient in Assured File Transfer (AFT) processes and tools.
• Excellent writing, speaking, analytical, and customer service skills.
• Ability to participate in or lead security work groups.
• Must be a self-starter capable of multitasking and efficiently managing time in a dynamic environment while requiring minimal supervision.
• Demonstrated comprehensive knowledge of the NISPOM, JSIG, ICD-503, NIST SP 800-53, and CNSSI 1253.
• A technical background in creating POA&Ms, developing corrective action plans, and writing security plans, policies, and procedural documentation (not just reviewing or performing documentation review).
• The candidate must be a self-starter capable of multitasking and efficiently managing their time in a dynamic environment while requiring minimal supervision.
• Additionally, the candidate will possess effective written, speaking, analytical, organizational, and customer service skills that will assist them in identifying solutions to complex compliance and security problems.

Additional Information:

• Upon offer of employment, the individual will be subject to a background check and a drug screen.
• Active Secret DoD Clearance.
• In compliance with federal law, all persons hired will be needed to verify identity and eligibility to work in the United States and to complete the necessary employment eligibility verification form upon hire.
• Under the International Traffic in Arms Regulations (ITAR), all employees assigned to this client must provide documentation verifying their status as a "U.S. Person," as defined in ITAR clause 120.15. A U.S. Person is a protected individual under the anti-discrimination provisions of U.S. immigration laws.