Job Description
Job Description
Maveris is an IT and cybersecurity services company committed to helping organizations create secure digital solutions to accelerate their mission. Originally founded as a Veteran-owned company, we remain deeply committed to supporting veterans and proudly serving customers across the Federal Government and private sector. We have an opening for a full-time, Information System Security Officer (ISSO) to join our talented, dynamic team.
As an ISSO, you will play a critical role in supporting the mission of the department of Veterans Affairs (VA) by transforming complex technical information into clear, concise, and user-friendly documentation (e.g., Security Plans, SOPs, ATO documentation), enabling the IT systems to obtain an ATO.
Veterans are encouraged to apply.
As an ISSO supporting Maveris programs, you will be trusted to lead the ATO efforts including the creation and maintenance of Authorization and Accreditation documentation. In this role, a typical day will include:
- Operate as the primary security point of contact for the system and acts as a liaison between the system team and the agency's security and authorizing officials.
- Develop and maintain the System Security Plan (SSP), which is the core document for the ATO package.
- Ensure that a comprehensive Contingency Plan (CP) is developed to outline procedures for system recovery in the event of a security incident or disaster.
- For systems handling personally identifiable information (PII), the ensure a Privacy Impact Assessment (PIA) is completed to assess and mitigate privacy risks.
- Based on the system's security categorization (low, moderate, or high), work with the system team to select and implement the appropriate security controls from NIST Special Publication 800-53.
- Develop and manage the plan for continuous monitoring, which ensures that security controls remain effective and that the system's security posture is maintained post-ATO.
- Support the security assessor team (internal or third-party) during the security assessment. This involves providing system documentation and evidence to demonstrate that controls are implemented correctly and are operating as intended.
- Coordinate and oversee vulnerability scans and penetration tests to identify weaknesses in the system.
- For any security weaknesses identified during the assessment, the ISSO is responsible for developing and tracking the Plan of Action and Milestones (POA&M):. This is a remedial action plan that details how and when the weaknesses will be mitigated.
- The ISSO continuously assesses the system's risk posture and provides a recommendation to the Authorizing Official (AO) regarding the system's readiness for an ATO.
- Compile the final ATO package, which includes the SSP, assessment reports, and POA&M, for review by the AO.
Requirements
- Bachelor's Degree or higher - equivalent experience may be considered in lieu of a degree.
- 5+ years of ISSO experience with a federal information system.
- Cybersecurity certifications such as Security+ or similar is a plus.
- Understanding of Cybersecurity tooling especially Palo Alto Products such as Prisma Cloud.
- Experience with Agile project management methods and frameworks such as SCRUM and SAFe is preferred.
- Working knowledge of program/project management software (Microsoft Project, Jira, Microsoft 365/Teams applications, etc.)
- Exceptional written and verbal communication skills.
- Strong planning, organizational, and time management skills.
- Exceptional analytical and conceptual thinking skills.
- Strong leadership skills and ability to work collaboratively with a team of peers.
Benefits
Maveris attracts and retains talent of the highest caliber by offering opportunities to work in exciting and challenging environments surrounded by bright minds. Our employees are our most prized asset and are rewarded with highly competitive compensation and a top-tier benefits package, including:
- 401(k) with company match
- Dental Insurance
- Health Insurance
- Vision Insurance
- Life Insurance
- Paid Time Off
About Maveris
Maveris offers exceptional, mission-focused, solutions to organizations facing highly complex IT, digital, and cybersecurity challenges. Our success is achieved by maintaining an environment of trust where people are encouraged to reach their fullest potential. Every candidate that applies to Maveris brings something unique to the table, and because our team is diverse, we consistently meet our goals and exceed client expectations. If you are a highly-motivated person with a willingness to learn, we invite you to apply today to join our team!
To learn more about employee benefits visit www.maveris.com.
For company updates and the latest job postings check us out on LinkedIn.
If you'd like to read about some of our research and projects head over to Maveris Labs.
Want a more behind the scenes view? Check out our blog Maveris Insights to learn more about the team behind the solutions.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.