Telophase Corporation is seeking a motivated, career and customer-oriented senior Information Systems Security Officer (ISSO) to join our team.

The ISSO shall ensure the implementation and maintenance of security controls in accordance with the System Security Plan (SSP) in preparation for NIST RMF and 800-53 based independent security assessments and provide strong leadership in the development of a cyber security validation program for mission systems.

Responsibilities:

• Support adoption and implementation of NIST-based standards across the organization in support of multiple mission system authorization boundaries including Cloud-based workloads

• Support all steps of NIST RMF with strong background in NIST SP 800-53 Revision 5 and 800-53A

• Participate in the selection of the organization's common security controls and in determining their suitability for use in the information system

• Review the 800-53 security and privacy controls regarding their adequacy in protecting the planned or operational information system

• Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment and Authorization(A&A) packages, and support system authorization activities

• Implement and enforcing organizational information systems security policies, standards, and methodologies

• Evaluate security solutions to ensure they meet security requirements for processing unclassified/classified information; perform vulnerability/risk assessment analysis to support certification and accreditation. Red Team operations background such as penetration testing is bonus.

• Manage changes to the information system and assess the security impact of those changes.

Required Skills & Experience:

• Education: Bachelor's or higher in computer science/ technical discipline preferred or equivalent work experience

• Years of related experience: 8+ years of experience is required as an ISSO/ ISSM including experience implementing, and enforcing information systems security policies, standards, and methodologies; creating security plans, policies & procedures, SSPs, and Risk Assessment Reports

• Technical Skills: FISMA, FedRAMP, NIST RMF (Risk Management Framework), NIST 800-53 Revision 5 controls, and strong understanding Security Control Assessment (SCA) processes. Good understanding of Windows and Linux operating systems and architecture.

• Good knowledge of public cloud providers such as Azure, AWS, and GCP highly desirable

• Experience with applications for Amazon AWS, Microsoft Azure, GCP or other cloud platforms for large-scale, multi-tenant, SaaS systems highly desirable

• Experience with security assessments of AWS/Azure/GCP environments preferred

• Experience with AWS/Azure/GCP service offerings preferred

• Skills and ideally certifications in public cloud providers (AWS, Azure, GCP) highly desirable

• Cloud Security experience (AWS/Azure/GCP), including both IaaS and PaaS models preferred

• Hands-on experience with public cloud services (AWS, Azure, GCP) preferred

• Hands-on experience in PaaS, SaaS, CI/CD, Docker, Jenkins, Puppet Chef, Ansible, Kubernetes preferred

• Strong understanding of and experience in AWS / Azure / GCP cloud architecture

• Experience developing applications for Microsoft Azure, Amazon AWS, Google or other cloud platforms for large-scale, multi-tenant, SaaS systems a bonus

• Clearance: Must have or be able to attain Public Trust or higher

Desired Skills & Experience:

• Certifications: Cybersecurity certifications, such as CISSP, CISA, CISM, CISA, CEH, GCIH, GCIA, GCFA, GCFE, CDMP, OSCP, OSCE, CDP-DG or similar

Work Type:

Onsite location on a regular basis with some hybrid telework options.

As an Equal Opportunity Employer, it is Telophase’s policy to recruit, hire, and provide opportunities for advancement in all job classifications without regard to race, color, religion, sex, national origin, age, citizenship, marital status, sexual preference, parental status, or disability.