Position Description :
Serco is seeking an Information Systems Security Officer – (100% Remote) to handle all aspects of implementing the National Institute of Standards (NIST) Risk Management Framework. This role calls for a well-rounded self-starter who thrives in a fast-paced, demanding environment. Key attributes we are seeking for this role is the ability to multitask and prioritize deliverables, strong security tool acumen, and knowledge of managing the implementation and assessment of NIST security controls. The selected individual will consistently demonstrate high levels of technical and professional knowledge and quickly assimilate new information. The successful candidate will have a strong program control background with experience in a task order driven environment.
In this role, you will:
- Participate in the planning and execution of the System Engineering Lifecycle (SELC).
- Provide information security expertise to system owners and application development teams.
- Ensure appropriate security controls are applied during each SELC phase.
- Perform all tasks within seven steps of the NIST Risk Management Framework
- Conduct periodic vulnerability scans and audit log reviews.
- Assist in Cybersecurity Maturity Model Certification assessments, IT General Control Assessments, as well as other assessments and audits.
- Monitor compliance.
- Assist the Security Operations Center (SOC) with threat hunting and other incident response activities as required.
Qualifications:
To be successful in this role you will have:
- A Bachelors degree and minimum 5 years of progressive related experience
- Or a High School Diploma/GED with 9 years of relevant experience in lieu of degree
- United States Citizenship
- Expert knowledge of the NIST risk management framework
- Experience using OpenRMF, DOJs Cyber Security Assessment and Management (CSAM) tool, DoDs Enterprise Mission Assurance Support Services (eMASS) tool, Telos XACTA, Archer, or similar enterprise risk management tool
- Experience using Splunk, Sentinel, Tenable, Defender, and other common security tools and appliances
- Intermediate scripting skills in PowerShell and/or Python
- Experience with KQL and SQL queries
- Knowledge of general and corporate business practices, government contracting regulations and principles, and accounting and finance principles
- Demonstrated ability to work as part of a collaborative team with a focus on high professional standards, strong follow-up, and successful project execution
- Ability to travel up to 10%
Additional desired experience and skills:
- Certified Information Systems Security Professional (CISSP) certification
- Certified Information Systems Auditor (CISA) certification
- Project Management Professional (PMP) certification
- Microsoft and Amazon security certifications
In compliance with state and local laws regarding pay transparency, the salary range for this role is $83,365.11 to $138,941.85; however, Serco considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate’s work experience, education/training, and key skills.
Company Overview :
Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Sercos 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters.
To review Serco benefits please visit: . If you require an accommodation with the application process please email: or call the HR Service Desk at , option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email.
Candidates may be asked to present proof of identify during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see our Applicant Privacy Policy and Notice .
Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco and will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email .
Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.
Splunk SQL powershell Python Project Management Professional (PMP) kql sentinel amazon archer Certified Information Systems Security Professional (CISSP)