SITEC, Network Administrator, JBLM, WAJob LocationsUS-WA-Joint Base Lewis-McChordRequisition ID2024-151564Position CategoryInformation TechnologyClearanceTop SecretResponsibilitiesPeraton requires Information Systems Security Officer to support the Special Operation Command Information Technology Enterprise Contract (SITEC) - 3. Positions are located at the SOCOM Headquarters at MacDill, AFB FL, and at the TSOC and Component locations in the United States and abroad.The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (OM) services to maintain Network Operations (NetOps); maintain systems and network infrastructure ensuring the security and integrity of Federal/National Security organization's information systems, managing risk, and ensuring compliance with all relevant regulations and standards. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365. This role requires a proactive approach to security management and the ability to work closely with both technical and non-technical stakeholders.Responsibilities:Work with a team of IT risk management assessors performing IT risk and controls assessments using government governance guidance and organizational policy procedures.Performing walkthrough interviews and maintaining communication with a variety of client stakeholders, including Subject Matter Experts (SMEs) such as system and database administrators.Requesting, obtaining, reviewing, and analyzing a variety of artifacts to assist in executing IT controls testing such as security plans, SOPs, system screenshots, and system configuration settings.Evaluating the design and operating effectiveness of IT controls using provided artifacts, industry-standard guidance, leading practices, and professional judgement.Documenting the results of IT controls test work in a consistent and high-quality manner that would allow a reviewer to repeat the test and reach the same conclusion.Summarizing and communicating IT controls assessment results to a variety of client stakeholders, including senior leadership personnel.Planning and executing day-to-day activities of IT controls assessments individually and as part of a team.Working with client personnel to understand and analyze known IT control weaknesses, identify root causes, and develop detailed, robust remediation plans.Providing subject matter expertise to client personnel on all matters relating to IT controls and responding to ad-hoc IT controls requests from client personnel.Implement and manage continuous monitoring programs to ensure ongoing security of information systems.Extensive experience with Risk Management Framework (RMF) process and 800-53, 37.Experience creating and updating Security Assessment and Authorization (SAA) artifacts such as FIPS 199, Contingency Plans (CP), Contingency Plan Tests (CPT), and System Security Plans (SSP).Knowledge and experience in IT risk and controls through IT audits, IT control assessments, and IT security reviews.Working knowledge of FISMA, NIST SP 800 series, FISCAM, and other relevant Federal information assurance laws, regulations, and guidance.Experience performing FISMA, OMB Circular A-123, or similar internal control assessments.Understanding of other security frameworks like FedRAMP and DISA DCAS.Understanding of the DoD Cloud Computing Security Requirements Guide and other DoD STIG/SRGs, including experience in w