bolthires, Public Sector Information System Secur...

Position: bolthires, Public Sector Information System Security Officer (ISSO) - Application via WayUp When you join bolthires You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At bolthires, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins.In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What you’ll be doing... As an Information System Security Officer (ISSO) for one of our Public Sector teams, you will bring your passion, education and experience to the critical task of managing security governance, risk, and compliance for bolthires systems supporting our public sector agency sponsors and customers. As an ISSO, you will serve as the principal advisor on all matters involving the security posture of IT systems.You will work with a team of security professionals to ensure that the people, processes, and technology that support IT systems are hardened against all types of security threats and risks. You will provide critical expertise in the development and implementation of industry-leading cyber defense mechanisms that will protect infrastructure against today’s evolving threat actors. You will be responsible for leading security and compliance efforts including the following: • Ensuring that Federal Information Systems Security Act (FISMA), NIST 800-53 rev.5, and agency-specific security requirements are identified, implemented, maintained, tested, and compliant. • Coordinating System Security and Privacy Plan (SSPP) and security artifact development and maintenance activities. • Supporting Assessment and Authorization (A&A) activities in order to achieve an Authorization to Operate (ATO). • Leading the system’s continuous monitoring program and ensuring that all related activities are completed and validated. • Developing and participating in an effective incident response function to detect, analyze, contain, eradicate, and recover from security events and incidents.• Reviewing vulnerability information and providing expertise in mitigation efforts. • Managing the Plan of Action and Milestone (POA&M) and communicating status to stakeholders. • Performing security impact analyses and making security approval decisions on changes to the system and its environment. You’ll need to have: • Bachelor's degree or four or more years of work experience. • Six or more years of relevant work experience. • Experience in an Information Security, Information Risk Management, Cyber Governance, or GRC Compliance related position supporting a FISMA IT system.• Must be able to pass an extensive background investigation as a condition of employment. Even better if you have one or more of the following: • Position-relevant Bachelor’s degree in Information Technology, Cybersecurity, Cybersecurity Public Policy, or Cybersecurity Engineering. • One or more of the following professional certifications preferred: Certified Information Systems SecurityProfessional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Controls (CRISC), or Certified in Governance, Risk and Compliance (CGRC).• Knowledge of all stages of the NIST Risk Management Framework. • Knowledge of NIST 800-53 Rev. 5 controls and how they are implemented. • Knowledge of data security fundamentals and best practices with prior responsibilities of protecting information assets. • Experience in producing security documentation and artifacts for a FISMA IT environment. • Ability to coordinate and lead productive working sessions with resources from multiple application and technology teams across the enterprise. If bolthires and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and a minimum…