SNAP, Inc. Information System Security Officer in Washington, Sweden
SNAP Inc. provides professional services that empower Government and private industry clients to address tomorrow’s challenges through better alignment of technology with their mission and business objectives. Employees of SNAP Inc. receive Paid Leave, Medical and Dental coverage (employee coverage is paid 100% by the company; dependents 50%), Life and Disability Coverage, and other benefits.
We are growing our business on a culture of employee engagement. If you are a team-centric, creative professional seeking a challenging and fulfilling career, come grow with us!
SNAP Inc. is seeking an Information System Security Officer (ISSO) to fulfil a variety of requirements in support of our federal client in Washington, DC. The Information System Security Officer (ISSO) will be responsible for overall IT security and privacy support for all in-scope systems, to include but not limited to: SA&A, privacy, risk analysis and mitigation, IT security and privacy baseline compliance, continuous monitoring, etc.
Only candidates willing to work on a W2 basis will be considered. Sponsorship is not available for this position.
- Evaluation and reporting of vendor compliance to the Federal and GSA security policies for the Office of Travel and Transportation (T&T) programs (e.g., E-Gov Travel Service [ETS], Travel Management Information System, FedRooms, Emergency Lodging Service, etc.).
- Communication and mitigation of security risks and incidents to GSA program managers/executives, Chief Information Officer (CIO), and agency stakeholders.
- Coordination of renewal and/or new Assessment and Authorization (A&A) reviews programs; supporting the maintenance of Authorities to Operate (ATOs) once received.
- Reviewing vendor deliverables and other artifacts to ensure the solutions are operated, used, maintained and disposed of in accordance with Federal and GSA procedures. Document findings and provide feedback to vendors as appropriate through regularly scheduled or ad hoc review meetings.
- Reviewing security advisory alerts on vulnerabilities and providing management with mitigation recommendations and communication support to raise and promote information security awareness within the community.
- Coordinating with the ETS Program Manager and GSA Security Managers to develop and update the government’s system security plan. In this capacity, the contractor shall assess the security impact of any changes to the system.
- Supporting security incident identification, reporting, and response as needed by the ISSO and GSA CIO teams. Supporting protective and corrective measures if a security breach occurs and ensuring program response occurs in accordance with policy requirements / protocol based on severity.
- Defining security-related requirements for new acquisitions and providing subject matter expertise in evaluating offeror proposals and/or proposed systems to the government evaluation team(s).
- Provide Computer Network Defense solutions for enterprise information systems deployment
- Review background investigations submitted for current contracts and GSA security personnel, CIO, Program Managers, and Contracting Officer/COR, to ensure users have the required background investigations, the required authorization and need-to-know, and are familiar with internal security practices before access is granted to the system. Background investigations for current contracts will be supervised by this consulting support but processed by a 3rd party analyst.
- Support customer security reviews through prior scheduled agreement with the appropriate customer service representative.
- Coordinate review of the Privacy Impact Agreement(s) and obtain program manager’s approval.
- Support enhancement of PMO security management processes (e.g., vendor guidance, templates, document storage procedures, etc.).
- Provide security subject matter expert support to other program initiatives (e.g., review, advice, impact analyses related to new or existing legislation, policies, technologies, etc.).
- Technical 4-year degree in an IT related field, preferably Computer Science or Computer Engineering
- Minimum 5+ years of progressive IT Security experience.
- Must have experience in the concepts, terms, processes, policy and implementation of information security.
- Must have experience and knowledge of the latest security measures at all stages of an information system life cycle.
- Must have the ability to solve complex problems involving a wide variety of information systems.
- Must be able to understand and differentiate between critical and non-critical systems and networks.
- CISSP (Certified Information Systems Security Professional).
- CISA (Certified Information Security Auditor).
- CISM (Certified Information Security Manager).
- Active Public Trust clearance preferred.
Location: Washington, D.C.