Information System Security Officer (ISSO)
The Team
UberEther is a leader in the Identity and Access Management (IAM) and #ZeroTrust space. Our platform and expert services team enable government and commercial customers to have ultimate control over access to critical information. We are employee first, with outstanding benefits and a track record of upskilling and fostering growth. We're looking for employees who get excited about pioneering novel solutions to new, complex challenges.
Responsibilities
- Partner with Sales and Technology teams to ensure security policies and procedures are consistently applied and updated across the organization.
- Maintain our FedRAMP High ATO and facilities clearance, ensuring compliance with all relevant regulations and standards.
- Complete necessary Significant Change Requests (SCRs) in a timely and efficient manner.
- Support the development and execution of security awareness training programs, with internal stakeholders and external partners.
- Assist in planning and organizing security audits, including coordinating travel arrangements and accommodations for auditors.
- Write comprehensive security reports and documentation for internal use and regulatory compliance.
- Maintain the company's security policy documentation; Initiate and maintain compliance with relevant security standards and frameworks.
- Develop and manage Plans of Action and Milestones (POAMs) to address and mitigate identified security vulnerabilities.
- Lead efforts to create System Security Plan Documentation.
- Work through the differences of the various compliance levels from different agencies and be able to talk to the overlap.
Primary Qualifications
- 7+ years of practical experience in information security or related fields.
- Excellent writing and communication skills, with a strong attention to detail.
- Experience in security planning or coordination, particularly in managing logistics for security audits or inspections.
- Proficient in using basic security software, such as SIEM tools or vulnerability assessment tools, to monitor and secure the organization's IT infrastructure.
- Familiarity with regulatory requirements and best practices in information security.
- Strong organizational and multitasking abilities, with the capability to manage multiple projects and deadlines effectively.
Differentiators
- Previous experience in developing security policies, procedures, or training programs.
- Knowledge of compliance standards, such as ISO 27001, NIST, GDPR, and FedRAMP.
- Understanding of security analytics tools, such as Splunk or security dashboard tools, to measure the effectiveness of security measures.
- Demonstrated creativity and ability to think outside the box in developing security solutions and strategies.
- Experience with risk management and incident response planning.
Location
This role is offered as a remote or hybrid position based out of our Sterling, VA office.
Benefits
We understand the value of such people, reward them accordingly, and provide best-in-class benefits to support them and their family’s well-being. Full-time employees are eligible to receive top-notch Medical, Dental, Vision, 401K savings plan, Life Insurance, and Short and Long-term Disability benefits as well as generous paid flex-time, education and technology reimbursement. This includes:
- 100% employer covered health care premiums
- 6% 401k match
- Education and professional development budget
- 25 PTO days per year, which increases with tenure
- Annual technology budget
Core Values
UberEther’s Core Values are a set of guiding principles that define our expectations of employees. Please be prepared to discuss these in your interview process and provide examples of where you have demonstrated these core values. See more at https://uberether.com/careers/.
- Grow With Purpose
- Confident, Not Cocky
- The IT Factor
- Team Player
- Whole Authentic Self
All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
What We Do
We are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions to our customers. We take care of our employees so they take care of our customers. It's a different way of doing business and our customers are thankful for it.