Red Arch Solutions

  • ISSO - Security Lead

    Job Locations US-VA-Springfield
    Job ID
    Information Technology
    Position Type
    Regular Full-Time
  • Job Description

    ***Active TS/SCI with Polygraph Required***


    Red Arch Solutions is a proven and effective small business integrator and consultant, recognized as a leading provider of IT development to the Federal Government, and primarily focused within the Intelligence Community.


    We are an official Amazon Web Services (AWS) Partner, and are pleased to now offer Cloud Solutions Architecture and Engineering using AWS. We promote the advancement of our staff in achieving AWS certifications.


    Red Arch is seeking an ISSO Security Lead to support NGA.


    The scope of this contract relates to the management of NGA’s Research Labs across the US.  The effort will provide both system administration for networks, servers, cloud and audio/visual devices and security engineering support services to include architecture documentation and testing.


    The ISSO security lead will provide security-engineering support services required to operate and sustain the NGA Research Lab Environment (RLE) at five CONUS locations. These services include all security engineering actions related to documentation and use of XACTA to support the approval and accreditation of hardware and software for RLE systems and customers.


    Responsibilities/Job Function:

    • Create, update, enter, and manage all system Information Technology Disaster Recovery (ITDR) plans into the NGA ITDR database

    • Develop, maintain and execute schedules for the Plan of Action and Milestones (POA&M)

    • Track and resolve outstanding liens for research segment/system/entity, as documented for an Authority to Operate (ATO)

    • Chair Technical Exchange Meetings (TEMs) on new Research systems architecture, security issues, and prepare meeting notices, agendas, briefings and minutes, as required

    • Enforce DNI and Federal Information Security Management Act (FISMA) compliance for Information Assurance (IA), as it applies to the RLE systems

    • Develop and promulgate additional guidance relating to IA training, certification, and workforce management requirements

    • Monitor CIO-T reports for Host-based Security System (HBSS). Coordinate with RLE system administrators to verify all systems are in compliance and reporting to enterprise resources as required

    • Conduct independent technical and non-technical evaluations of systems architecture based on the security requirements and security controls documented in the certification evidence

    • Maintain a repository for all IA certification and accreditation documentation and modifications, and input/update Xacta

    • Develop standardized processes and procedures in support of Information Security

    • Research, recommend, and implement changes to procedures to protect data from future violations

    • Track Information Assurance Vulnerability Management (IAVM) reporting and patch management

    Minimum Qualifications

    • Mandatory Security Clearance Requirement: TS/SCI with CI Poly
    • Demonstrated proficiency and experience working with some or all of the following: Linux (CentOS and Red Hat), Microsoft Windows (Server and Workstation), Amazon Web Services (AWS), databases (Oracle, MySQL), web services, internet protocols, Network Attached Storage (NAS) and Storage Area Network (SAN) systems

    • A Bachelor’s Degree from an accredited institute in an area applicable to this position (e.g. information systems, computer science, math, or engineering) and five (5) years of relevant technical experience or fifteen (15) years of relevant experience across both minimum and desired qualifications

    • Must presently be 8570 compliant (IAT Level 2 preferred); must be 8570 compliant (IAT Level 2) by date of security indoctrination with any necessary continuing education (CE) for certification 

    Desired Qualifications

    • Demonstrated experience in establishing system Authorization and Accreditation (A&A) in a classified government environment. Performing necessary security certification and accreditation actions to obtain and maintain Authority to Test/Connect/Operate (ATT/ATC/ATO)
    • Familiarity with ICD 503 and Federal Information Security Management Act (FISMA) compliance

    • Evaluating and assessing compliance with established IA policies and regulations. Conducting independent technical and non-technical evaluations of systems based on the security requirements and security controls

    • Developing standardized processes and procedures in support of Information Security endeavors

    • Information Assurance Vulnerability Alert (IAVA)/Information Assurance Vulnerability Management (IAVM) tracking, implementation and reporting, and up-to-date patch management.

    • Providing configuration management and IA assessments of hardware/software technology

    • Entering and maintaining system’s C&A information into the XACTA database


    Red Arch Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, or protected veteran status. Red Arch Solutions takes affirmative action in support of its policy to advance in employment individuals who are minorities, women, protected veterans and individuals with disabilities.

