Dynamis is seeking a mid-level Information Systems Security Officer with experience in federal acquisition programs to provide program management support services to the Transportation Security Administration (TSA) Office of Training and Development (OTD). Work will be performed on-site at TSA (601 S. 12th St., Arlington, VA 22202) and at Dynamis, Inc. corporate headquarters (8260 Willow Oaks Corporate Drive, Suite 800, Fairfax, VA 22031).
The ISSO shall ensure that management, operational, and technical controls for securing either National Security Systems or SBU-level Information Systems are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal. The ISSO shall possess effective interpersonal and presentation skills as he/she operates in a client-facing role. The ISSO must possess experience with NIST 800 publication standards. The position requires experience with vulnerability scanning and assessments. The ISSO shall conduct Certification and Accreditation (C&A) activities in accordance with NIST 800-37 standards. All C&A deliverables must meet the metrics in the DHS Information Security Performance Plan; this plan will be provided upon contract award. The ISSO shall report IT Security events/incidents in the time prescribed by DHS MD 4300 IT Policy depending on the severity of the incident. The ISSO shall also respond to Information Security Vulnerability Management (ISVM) notifications and ensure all systems under their purview are in compliance with TSA and DHS IT Policies (these policies will be provided upon contract award) by the date prescribed. Per TSA and DHS Policy, the ISSO shall be required to receive approval from the CISO for designation as the ISSO.
The ISSO will support the System Owner for their respective systems and provide C&A artifact maintenance, Continuous Monitoring, and POA&M management support. This may include, but is not limited to, testing C&A tools, analyzing DHS requirements, editing pertinent trainings, and supporting Risk Management with vulnerability management or other related duties.