Information Systems Security Officer - (100% Remote)

Position Description

Serco is seeking an Information Systems Security Officer - (100% Remote) to handle all aspects of implementing the National Institute of Standards (NIST) Risk Management Framework. This role calls for a well-rounded self-starter who thrives in a fast-paced, demanding environment. Key attributes we are seeking for this role is the ability to multitask and prioritize deliverables, strong security tool acumen, and knowledge of managing the implementation and assessment of NIST security controls. The selected individual will consistently demonstrate high levels of technical and professional knowledge and quickly assimilate new information. The successful candidate will have a strong program control background with experience in a task order driven environment.

This position is contingent upon your ability to obtain and maintain a DoD Top Secret security clearance 

In this role, you will:

• Participate in the planning and execution of the System Engineering Lifecycle (SELC).
• Provide information security expertise to system owners and application development teams.
• Ensure appropriate security controls are applied during each SELC phase.
• Perform all tasks within seven steps of the NIST Risk Management Framework
• Conduct periodic vulnerability scans and audit log reviews.
• Assist in Cybersecurity Maturity Model Certification assessments, IT General Control Assessments, as well as other assessments and audits.     
• Monitor compliance.
• Assist the Security Operations Center (SOC) with threat hunting and other incident response activities as required.  

GET TO KNOW YOUR RECRUITER! 

Qualifications

To be successful in this role you will have: 

• Ability to obtain and maintain a DoD Top Secret security clearance 
  • U.S Citizenship Required 
• A Bachelors degree
  • Or a High School Diploma/GED with 9 years of progressive related experience in lieu of degree 
• Minimum 5 years of progressive related experience 
• Expert knowledge of the NIST risk management framework
• Experience applying the Federal Information System Control Audit Manual (FISCAM) during financial system audits
• Experience using Archer, Riskonnect Unified Compliance Framework or similar enterprise risk management tool
• Experience using Sentinel, Tenable, Defender, and other common security tools and appliances
• Intermediate scripting skills in PowerShell and/or Python
• Experience with KQL and/or SQL queries
• Knowledge of general and corporate business practices, government contracting regulations and principles, and accounting and finance principles
• Demonstrated ability to work as part …