Design. Disrupt. Repeat. 

Be an agent of change on a team committed to achieving client-focused, mission-driven excellence. Steampunk is looking for an experienced Information Systems Security Officer Team Lead with an appetite for taking on new challenges. 

Responsibilities 

The ISSO Team Lead serves as a Lead Cyber Security Specialist and will perform level III ISSO and/or ISSO support responsibilities as well as Team Lead responsibilities to include: 

• Leading a team of ISSOs including prioritizing continuous monitoring schedules, performance management, and customer relationship management. 

• Ensuring that all ISSOs within the program area are properly trained on ISSO activities. 

• Providing security-related expertise and mentorship to junior ISSOs within the program area. 

• Supporting personnel management activities for the program area team. 

• Ensuring that security requirements for the assigned major application or general support system are being or shall be met.

• Ensuring that requests for security authorization (also referred to as C&A) of assigned major application or general support systems are completed in accordance with the published procedures. 

• Ensuring that protective measures for physical security threats are in place. 

• Ensuring compliance with all legal requirements concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses. 

• Maintaining an inventory of hardware and software within the program/development offices or field site facilities. 

• Coordinating the development of a Contingency Plan and ensuring that the plan is tested and maintained. 

• Ensuring risk analyses are completed to determine cost-effective and essential safeguards. 

• Ensuring preparation of security plans for sensitive systems and networks. 

• Attending security awareness and related training programs and distributing security awareness information to the user community as appropriate. 

• Reporting IT security incidents (including computer viruses) in accordance with established procedures. 

• Reporting security incidents not involving IT resources to the appropriate security office. 

• Providing input to appropriate IT security personnel for preparation of reports to higher authority concerning sensitive and/or national security information systems. 

Job Requirements 

• Bachelor’s Degree in related IT field 
• Ability to obtain a U.S. government Security Clearance 
• Eight years of IA experience; 3 of which must be FISMA-related  

Required Skills 

• Experience leading teams of information security professionals

• Demonstrated ability to apply extensive knowledge of a variety of the IA field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems

• Knowledge of NIST SP 800 family of publications, particularly those associated with risk management policy and procedures

• Extensive specialized knowledge of financial audit standards, classified system IA requirements, Privacy Act requirements, or Critical Infrastructure Protection

• Experience with evaluating systems, networks, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines

• Extensive knowledge and experience with three (3) of the four (4) following criteria: 

• • Vulnerability scanning execution, assessment, and analysis 

• • Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN])

• • Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies

• • Application security, database security, and network security

• Demonstrated ability to assess and weigh current and evolving security threats in an operational environment 

• Knowledge of DHS Information Security Policy Directives and Handbooks
• Experience with Azure

Required possession of one or more professional security certifications, including but not limited to: 

• Certified Information System Security Professional (CISSP) 

• Certified Information Systems Auditor (CISA) 

• Certified Ethical Hacker (CEH) 

Preferred Skills 

• Demonstrated ability to rely on extensive experience and judgment to plan and accomplish goals

• Able to work effectively independently to solve problems quickly and completely

• Ability to lead effectively and direct the work of others

• Experience reporting to, communicating with, and/or collaborating with Federal program stakeholders

• Experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems

• Excellent oral and written communication skills

• Management experience in leading a team of security professionals

Steampunk relies on several factors to determine salary, including but not limited to geographic location, contractual requirements, education, knowledge, skills, competencies, and experience. The projected compensation range for this position is $125,000 to $175,000.  The estimate displayed represents a typical annual salary range for this position. Annual salary is just one aspect of Steampunk’s total compensation package for employees. Learn more about additional Steampunk benefits here. 

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors.  Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges.  As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.