Dine Development Corporation

Information Systems Security Officer (Lead)

US-MD-Fort Meade
2 weeks ago(1/10/2018 9:03 AM)
ID
2018-2355

Corporate Overview

NOVA Corporation is 100% tribally owned by the Navajo Nation.  

 

NOVA Corporation is dedicated to providing outstanding services to its customers and employees.  Our strength is in our ability to understand our client's needs and deliver a solution that will not only meet those needs but exceed their expectations.

NOVA Corporation strives to be innovative in all areas of business and is committed to technical excellence.  Our corporate offices are located on the Navajo Nation reservation in Window Rock, Arizona, Chambersburg, Pennsylvania, Albuquerque, New Mexico, and Columbia, Maryland.

 

NOVA Corporation provides unique, custom solutions to meet our customers’ communications needs. Our solutions provide communication capabilities using modern technology. At their most complex, they are multi-purpose systems that gather information from dozens of different sources. The information is presented to decision makers immediately, visually, clearly.

 

NOVA Corporation will accommodate individuals with disabilities that need assistance applying for open positions.

 

NOVA Corporation is an equal opportunity/affirmative action employer subject to the Navajo Preference in Employment Act.

Responsibilities

The ISSO will perform the following duties:

  • Develop Assessment & Authorization (A&A) packages (Risk Assessment, SSP, IT Contingency Plans, etc.)
  • Conduct all steps of the National Institute of Standards and Technology (NIST) Risk Management Framework
  • Create and track change request packages
  • Provide expert advice to developers, administrators, and others during system development lifecycle
  • Assist in the Security Control Assessment (SCA) process
  • Improve security controls and enhance system security
  • Develop Security Impact Assessments
  • Manage Plans of Action & Milestones (POA&M) and assist with remediation
  • Review vulnerability scans (ACAS)
  • Act as the main POC and expert for all security related matters for assigned systems
  • Proactively monitor CERT and similar organizations for potential vulnerabilities that could impact assigned systems and develop mitigation plans
  • Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan
  • Ensures that all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access
  • Ensures configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented
  • Ensures all information system security-related documentation is current and accessible to properly authorized individuals
  • Maintains records, outlining required patches/system upgrades that have been accomplished throughout the information system's life cycle
  • Ensures that all systems/network are compliant and in scope of current accreditation
  • Evaluates proposed changes or additions to the information system, and advises the Information Systems Security Manager (ISSM) of their security relevance
  • Create and maintain Plan of Action and Milestones (POAM) or Risk Acceptance/Acknowledgement Letters (RALS)
  • Communicate effectively
  • Assist with security education / Conduct training sessions
  • Participate in internal / external security audits/inspections
  • Directs program system administrators on security matters
  • Performs weekly audits as directed by the Information Systems Security Manager (ISSM)
  • Create weekly and monthly security status reports

Qualifications

  • Education: Bachelor’s degree in Computer, Computer Security, Information Technology, or equivalent.
  • Experience: 5 to 7 year progressive experience in IT and Security.
  • Clearance:  Minimum of Secret

Certifications Required

none

Certifications Preferred

none

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed