Information Systems Security Officer

Boston Government Services, LLC. (BGS) is seeking an Information Systems Security Officer to support our client in Washington, D.C.

BGS is an engineering, technology, and security firm helping to advance missions of national importance for government programs, national laboratories, national security facilities, nuclear operations, and complex commercial projects. We support clients at every stage, from strategic planning and program management to the execution of project management, procurement, supply chain management, quality, safety, security, nuclear and systems engineering and technical activities. We strive to attract and retain the best talent because it delivers the best results and "Delivery Certainty" for our clients. Our capabilities are based on our experience in complex, secure, and highly regulated environments. We leverage our expertise and capabilities to provide mission-driven integrated services, systems, and solutions tuned to our clients' mission needs, challenges, requirements, expected results, and strategic direction.

We are passionate about our culture! At BGS, we hire people who will bring their whole self to work each day because we value operating with openness and inclusivity, welcoming and respecting all. BGS cares for each employee's well-being by offering a comprehensive benefit package and providing a culture of exciting work, excellence, and fun.

If you align with BGS' company values and culture, we would love for you to explore opportunities to join our growing team by checking out the job description below!

The Information System Security Officer (ISSO) is responsible for executing the clients' risk management program and implementing the Risk Management Framework across both classified and unclassified networks. The ISSO is an expert in Assessment and Authorization (A&A) of Federal information systems, technology risk assessments, and the National Institutes of Standards and Technology (NIST) Cybersecurity Framework; and has broad knowledge in Information Technology (IT), Operation Technology (OT), Industrial Control Systems (ICS), and cybersecurity operations. The ISSO ensures effective implementation of cybersecurity policy across the enterprise. Successful candidates for this role will be expected to stay up to date on the latest cybersecurity risks and threats and provide subject matter expertise (SME) within the organization on IT/cybersecurity security risks and proper mitigations.

Responsibilities:

• Advise senior management on risk levels and security posture.
• Advise senior management on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
• Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
• Collect and maintain data needed to meet system cybersecurity reporting.
• Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
• Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
• Ensure that security improvement actions are evaluated, validated, and implemented as required.
• Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
• Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risks.
• Participate in the acquisition process as necessary, following appropriate supply chain risk management practices.
• Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate.

Basic Qualifications:

• Bachelor's degree in engineering/computer science/mathematics/information technology discipline with a minimum of 4 years of relevant experience OR equivalent combination of education and experience.
• Knowledge of Risk Management Framework requirements and process.
• The ability to ensure the cyber security program remains in compliance with NIST requirements.
• Ability to evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
• Knowledge of federal cyber work environments.
• Knowledge of current and emerging threats/threat vectors.
• Knowledge of business continuity and disaster recovery continuity of operations plans.
• Knowledge of system life cycle management principles, including software security and usability.
• Successful drug screening.
• Must be a U.S. citizen.
• Must be able to obtain and maintain a security clearance.

Preferred Qualifications

• Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DOD Instruction 8570.1 Information Assurance Management (IAM) Level III proficiency.
• Knowledge of ITIL framework.
• Active "Q" Clearance.

Location/Work Arrangement:

• This position is a fully onsite position in Washington, D.C.

Benefits:

BGS offers a competitive total compensation package to eligible employees. Benefits include Health, Dental, Vision, Life Insurance, Paid Vacation, 401K, Long and Short-Term Disability.

EEO:

BGS is an Equal Opportunity/Affirmative Action employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Exclusive Agreement Disclaimer:

BGS has standing contracts with federal agencies throughout the United States. We require an affirmative exclusive agreement to represent all candidates to our clients. By submitting this application, you are consenting to allow BGS to represent you as a candidate for the role in which you are applying.