Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
Job Details
Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte's Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career.The Information System Security Officer (ISSO)/Governance support role is to conduct information system security activities, confirm that information security requirements are effectively implemented throughout the Secure SDLC (architecture, design, development, configuration, and implementation processes) and work on creating or updating policies and RFM strategies.The ISSO/Governance support will perform research and advise on system security, system exploitation, and security control assessment for applications. Responsible for capturing and refining information security requirements for a system or component. Serve as an integral part of the agile development team, advising on security best practices during the design and development of information systems or upgrade of legacy systems. Employs best practices when implementing security requirements within an information system, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. The ISSO/Governance support is also responsible for guiding application teams through the RMF accreditation process, including development of the SSPs, review of Risk Assessment Reports, support development of the authorization packages, understanding control responsibility and inheritance model, interpreting monthly and quarterly risk compliance reports, and has experience in vulnerability management leveraging tools including, Tenable Nessus, DBProtect, WebInspect, Prisma, etc.Work you'll do
- Perform, Develop, Modify and lead Risk Management Framework (RMF) assessments, authorizations, and monitoring steps for systems following NIST standards and best practices.
- Work in close coordination with all system stakeholders - Create and maintain existing information system security documentation, including System Security Plan (SSP), A&A packages, Security Controls Matrix and Assessment, and Security
- Bachelor's degree required in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, Finance, Business, Math or in other business-related fields
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
- Active Secret security clearance required
- 2+ years of experience with RMF
- 2+ years of experience with Policy
- 2+ years of previous ISSO experience
- 2+ years of experience with AWS
- Candidates must be at least 18 years of age at the time of employment
- Security+ certification
About the Company
Deloitte LLP
New York City, NY, United States
What impact will you make? Deloitte is one of the largest professional services firms, which means that we touch nearly every aspect of business.... Read more