Information Systems Security Officer (ISSO)
Company Altus Consulting Corp
Location Herndon, VA
Preferred GIAC Certifications GSEC, GCCC, GCWN, GMON, GSLC
Travel 10%
Salary Not provided
Contact Name Jonathan Fitch
Contact Email jonathan_fitch/at/
Expires 2023-02-28

Job Description

This position is a great opportunity to break into cyber security with a company that invests heavily in their employees. Benefits include 7 weeks PTO, 15% 401k Contribution, and unlimited training budget. This role is for an junior/intermediate level individual with familiarity with security best practices and our customer's accreditation process. The requirements are flexible if a candidate is highly technical and motivated with a strong desire to learn and grow their skillset.

Please contact Jonathan Fitch at if you have any questions.

The ISSO shall possess the following:

- Two years of experience with the Customer's A&A process, ICD 503, NIST Risk Management Framework.
- Two years experience writing technical reports related to A&A, System Security Plans (SSP), security policies or guidance.
- Two years of demonstrated knowledge and technical skills in: network architecture; configuration of a local area network (LAN); and hardening of various operating systems.
- Five years of Experience with Microsoft Windows Server, Windows 7, Windows 8, Windows 10, Microsoft Office Suite (Word, Excel, PowerPoint), Apple/MAC OS, Unix/Linux systems, and virtualization software (VMware, Hyper-V, Virtual Box). Experience using vulnerability and compliance assessment tools such as Nessus, Rapid 7, SCAP, or App Detective.
- Cyber security certification to include at least one of the following: GSEC, GCCC, GCWN, GMON, GSLC. Other industry certifications may satisfy this requirement as well.


- Cyber security certification to include two or more of the following: GSEC, GCCC, GCWN, GMON, GSLC
- Demonstrated experience giving technical guidance to system administrators.
- Three or more years of experience with the Sponsor's or IC Community's A&A process, ICD 503, NIST Risk Management Framework.
- Any additional certifications (that are not mentioned in the "Minimum" requirements section above) and acquired within the last three years, that address any of the following technical areas: network infrastructure, mobile device integration, hardware evaluation, operating systems, technical support, configuring basic network infrastructure, authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, and malicious code countermeasures

Special Requirements: This position requires an active clearance.

• Exerting up to 20 pounds of force occasionally, to move objects.