Apertus Partners, McLean, Virginia, United States
May 22, 2019
Contract to Hire
Apertus Partners is currently seeking an Information Systems Security Officer (ISSO) Senior Associate in McLean, VA.

Responsibilities:

Guidehouse Security Operations function reviews and recommends security policies and programs designed to protect the firm's people and assets. This includes managing the Firm's pre-employment and Partner screening programs and the travel security and emergency evacuation programs, as well as providing investigative support for the Firm's client acceptance and client continuance processes, the Office of General Counsel, Ethics and Compliance, and local offices. The Forensic Investigations Unit conducts financial investigations and pursues internal and external fraud investigations.

Our Federal Security Office (FSO) is responsible for managing risk and monitoring compliance of Guidehouse's US Firm's participation in the National Industrial Security Program (NISP) and the protection of sensitive government information. Background investigations and paperwork required by the federal government are also coordinated by the FSO working closely with federal government security offices. The FSO implements and manages security awareness and education programs for Guidehouse engagements accessing government information. The FSO also has the responsibility for managing risk and monitoring compliance with government laws and regulations regarding the protection of classified information and CUI, including Guidehouse-owned information systems that store, process, transmit, or otherwise have access to classified information or CUI.

Qualifications

Basic Requirements:
3+ years of experience
Bachelor's degree or 5 years experience in Federal IT

Preferred Knowledge:
Top Secret Clearance
Certification(s) Preferred: CISSP, CISM, CISA, or GIAC certifications
Federal Information Security Management Act (FISMA), FEDRAMP, National Institute of Standards and Technology (NIST) Special Publication (SP) 800 Series and Federal Information Processing Standards (FIPS), OMB Circular A-130 Appendix III, UNIX, Windows Servers, databases (Oracle, SQL, DB2), mainframe, firewalls, routers, wireless environments, mobile devices, and cloud computing.
Computer Forensics techniques.

Demonstrated knowledge of:
System security, controls of information security management environment in one or more of the following information security domains: Security Architecture Design, Identity & Access Management, Data Leakage Prevention, Security Function Design and Governance, Incident Management and Investigations, Security Infrastructure, Information Security Governance and Risk Management.
Federal or Departmental standards such as the National Industrial Security Program Operating Manual (NISPOM), Director of Central Intelligence Directives (DCIDS), ICDs, COMSEC (National Security Agency (NSA) Communications Security Guidelines), DIACAP/DITSCAP, HIPAA, Privacy Act, etc.

Skills Preferred:
Proven ability to: information security, IT audits, risk and security assessments, network and application penetration testing, intrusion detection, and vulnerability/risk validation.
Plan, implement, upgrade, and monitor security measures for information systems containing sensitive or classified U.S. Government information
Provide information security awareness training to all employees, contractors, alliances, and other third parties utilizing Guidehouse's information systems
Monitor compliance with engagement information security policies and procedures among employees, contractors, alliances, and other third parties
Provide assistance and guidance during security incidents, and coordinate appropriate responses to those incidents
Execute other assignments as directed by the Security Manager and CISO

Perform the following with regards to information security strategy, organization, policy and governance:
Develop an awareness of firm services
Build effective relationships with clients and identify and address client needs
Communicate effectively with various audiences and all levels of the organization both verbally and through written communications
Be responsive, customer focused, and possess the qualities of diplomacy, tact, excellent judgment, discretion, and initiative
Manage time, demonstrate flexibility in prioritizing and completing tasks, communicate potential conflicts to a supervisor
Take independent action, analyze problems and provide focused solutions
Negotiate and mediate with Government officials, Partners, and/or staff for the firm assigned engagements
Leverage network and application security assessment tools and methodologies to manage and address security and control issues

Additional Requirements

This position requires successful completion of a background check and employment verification. The successful candidate must not be subject to employment restrictions from a former employer (such as a non-compete) that would prevent the candidate from performing the job responsibilities as described.