Information System Security Officer

Information System Security OfficerIn this position, you are an Information System Security Officer responsible for providing security-related support services to the users of cloud services, system owner, infrastructure and platform engineering resources to maintain/enhance the system’s security posture. You will support or security related efforts to implement security requirements to provide new features to cloud services or perform independent audits to ensure compliance with federal policies and requirements. Essential Functions:Author and update security authorization documents (e.g., System Characterization Documents, System Security Plans, Asset Inventories, Polices and Procedures, architecture/data flow diagrams, etc.) to support annual security assessments and minor/significant changesCoordinate with stakeholders to implement policies and procedures, to include annual updates or as needed to address changes in the system’s authorization boundaryConfigure, monitor and review audit logs using native cloud security monitoring tools Implement automation and leverage Artificial Intelligence to improve operational efficiencyConduct security risk assessment, review security scan results, assess security vulnerabilities and support the development/tracking of Plan of Action and Milestones (POA&Ms) mitigation and/or risk acceptanceResearch security enhancements, document the security architecture and data flows to comply with security policies and controlsStay up-to-date on information technology trends and security standards.Qualifications:Education: Minimum of high school diploma (Bachelor’s degree in Computer Science or similar technical discipline preferred)Experience: At least 5 years of providing Information System Security Officer support Domain: At least 3 years’ experience in one or more technology domains in cloud computing with Azure and Google, and DevSecOps processes and tool suiteCertification: CISSP or equivalentFamiliarity with security scanning tools such Tenable's Nessus, Defender for Cloud, Security Command Center, OWSAP ZAP, AppDetectivePro, WebInspect or equivalentThorough knowledge of FedRAMP, CMMC and NIST 800-53 Rev 5, Federal Information Processing Standards (FIPS) and other significant federal regulations. Knowledge of the DoW Cloud Computing Security Requirements Guide (CC SRG), which defines Impact Levels (ILs) for cloud environments is a plus.Excellent interpersonal skills, including the ability to work on multi-functional teamsJob LocationHybrid (3 times a week)- Must live within commutable distance to Reston, VA Competitive Benefits:Medical, Dental & Vision coverageLife InsuranceShort, Long Term Disability InsurancePTO & Federal Holidays Off401(k) Plan (Matching component included) About TechTrendTechTrend, Inc. is a veteran-friendly small business providing expert solutions, products, and services to the Federal government. Founded in 2003, we continue to evolve with capabilities in application development, artificial intelligence, DevSecOps, cloud enablement, and application development. We are a Microsoft Gold Partner and leading provider of Azure cloud services, to include partnership with AWS and GCP. TechTrend is recognized as a trusted partner delivering knowledge and guidance for our client’s most critical and complex support and service needs. As a liaison for positive organizational change, we form relationships and build bridges while ensuring quality across functions—gaining buy-in from both leaders and end-users and removing barriers to mission success. Our established processes ensure quality delivery of results by maximizing efficiency, productivity, and client satisfaction enterprise wide.