Company Description Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is a SBA certified HUBZone, and Woman Owned Small Business experienced in Program Management and Solution Implementation support services. Our diverse and talented personnel provide structure to develop and execute strategies to maximize mission success. We apply in-depth industry knowledge, analytics expertise, and strategic acumen to design the right solution for our customers' needs. Once the strategy is in place, we help communicate the changes and promote adoption among stakeholders.Job DescriptionImmediate opening for an experienced ISSO to support our DOD client. You will be part of a team ensuring that security requirements for information systems meet FISMA and agency requirements. The ISSO will work closely with the Information Assurance teams including Assessment teams, Compliance and Risk Management.The ISSO is responsible for maintaining and enforcing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information.Work with Information Assurance Engineers and other cyber security personnel to identify, implement, assess, and manage cyber security capabilities and servicesDevelop and update security authorization packages in accordance with the client's requirement and compliant with FISMA. Core documents that the candidate will be responsible for are the System Security Plan, Risk Assessment Report, Security Assessment Plan and Report, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan,Develop and maintain the Plan of Action and Milestones and support remediation activities.Validate that protective measures for physical security are in place to support the system's security requirements.Maintain an inventory of hardware and software for the information system.Develop, coordinate, test, and train on Contingency Plans and Incident Response Plans.Perform risk analyses to determine cost-effective and essential safeguards.Support Incident Response and Contingency activities.Able to perform security control assessment using NIST 800-53A guidance.Support remediation actions associated with findings from inspections and evaluationsSupport efforts to ensure that systems, networks, and data users are aware of, understand, and adhere to system security policies and proceduresSupport various compliance reports for dormant accounts, account configurations, active directory group policies, server configurations, etcWork with system engineers and administrators to develop corrective action plans from internal and external audits.Perform routine self-assessment audits to ensure compliance with agency and federal security requirements.Provide tracking, coordination, and reporting for required cyber security training activities.Review and develop system security plans and other required security documentation as required.Perform vulnerability assessment scans or interpret results of scans and track mitigation actions and progress of system engineers and administrators.Perform certification and accreditation activities as required to ensure assigned systems remain accredited and risk is managed to an acceptable level.QualificationsBachelor's degree in a related field or technical discipline, or 10 years experience in Cyber Security lieu of degreeActive Secret Clearance5+ years' experience in similar roles within the DOD or Federal GovernmentOne of the following DoD 8570.01-M IAT Level II Certification: CCNA Security, GICSP, GSEC, Security+, CND, and SSCPExceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammatesAdditional InformationU.S. Citizenship and active Secret Clearance is requiredPosition is on-site for the first 30 days and then hybrid schedule of 3 days onsite, 2 days remote.Only qualified candidates will be contacted. Be sure to keep an eye on your spam or junk folders in case our emails end up in there! Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.Toomey Technologies is committed to creating a diverse environment and is proud to be an equal opportunity employer. At Toomey we don't just accept differences — we support them, celebrate them, and as a company, we thrive on them. We celebrate diversity and are committed to creating an inclusive environment for all employees. We actively look for and hire people who bring new perspectives and experiences to our company. All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.
