Managed Care Advisors

  • Information Systems Security Officer (ISSO)

    Job Locations US-MD-Bethesda
    Posted Date 2 weeks ago (1/7/2019 11:57 AM)
    Job ID
    Information Technology
  • Overview

    Would you like to work as part of a collaborative, dynamic, multi-disciplinary project team of subject matter experts and clinical specialists on a wide range of problems? Do you enjoy analyzing system services, operating systems, networks, infrastructure applications and processes from a security perspective? Are you skilled at developing and delivering training materials for general security awareness and technology training?


    As an Information Systems Security Officer (ISSO), you will be part of a collaborative, dynamic team, and your responsibilities will draw upon an information security background, critical thinking, and analytic problem-solving skills to support accreditation activities, recommend improvements as required, and effectively support the delivery of secure services to our national customers.


    • Use the Federal Assessment and Authorization (A&A) processes to research, verify, document and test information security controls for the "systems" to be accredited and maintained
    • Develop and maintain System Security Plans (SSP) and additional A&A documentation
    • Conduct system risk assessments and develop Plan of Action and Milestones (POA&M) and mitigation strategies for potential vulnerabilities
    • Assist with compliance reviews and conduct audits to ensure information systems (IS) maintain the authorization baseline
    • Implement and maintain enterprise-wide IS security policies, processes, procedures, and security control techniques
    • Lead vulnerability assessments, security tests and evaluations, and perform continuous threat monitoring activities
    • Initiate protective and corrective measures when a security incident or vulnerability is identified; ensure IS security incidents are handled in accordance with established procedures
    • Analyze government and industry trends, laws and standards and recommend methods to meet these
    • Execute and deliver project activities according to the project plan/scope of work, on time and within budget
    • Present Information Security status and issues at MCA client meetings
    • Comply with all State and Federal regulations and abide by company policies and procedures
    • Apply sound business ethics, including the protection of proprietary and confidential information


      • Bachelor's degree (BA/BS) from accredited 4-year college or university required in Information Technology or related field
      • 2+ years of experience leading federal IT security projects
      • 2+ years of experience working as an ISSO on federal IT security projects
      • 2+ years of experience working with NIST (e.g., 800-53 Rev. 4), FIPS and/or other risk management frameworks to exercise good judgment, discretion, tact, and diplomacy
      • Strong project management experience
      • CISSP, CISA, CAP, Security+ and/or other equivalent IT security certification
      • Experience analyzing application vulnerability scan reports, antivirus scan reports, and analyzing system patch reports
      • Software Expertise
      • NESSUS or similar vulnerability analysis tools
      • MS Windows (7, 8.1, Server 2008, Server 2012)
      • MS Office Applications
      • Programming Languages
      • Must be able to obtain and maintain a security clearance
      • Must be a US Citizen
    • Preferred Qualifications

      • Active public trust level federal government clearance
      • Experience with Xacta IA Manager (e.g., IACS)
      • Experience with Xacta Continuum
      • Experience with the government ATO requirements process, including authoring required documentation
      • Experience developing and maintaining software solutions that encompass both database and Windows application solutions
      • Ability to explain and demonstrate highly technical concepts and applications to team members of varying technical familiarity


    The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.


    Important Information


    Successful candidates will be required to undergo a credit and criminal background check, and to obtain and maintain a confidential-level security clearance upon hire. We participate in the United States Federal Government E-Verify program to confirm the employment authorization of employees upon hire.


    MCA strives to make our career site accessible to all users. If you need a disability-related accommodation for completing the application process, please contact MCA regarding accommodations. 


    MCA is an Equal Opportunity and Affirmative Action Employer


    All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal, state or local laws as appropriate, or upon the protected status of the person’s relatives, friends or associates.


    MCA abides by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.

    MCA abides by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.

