Information System Security Officer - ISSO
CrowdStrike is looking for an Information System Security Officer (ISSO). In this role, you will interface within the Federal Security organization and maintain the responsibilities for the effective continuous maintenance of the CrowdStrike Federal cloud computing environments. We are seeking an experienced technical professional to support security-related functions and workloads leveraging infrastructure such as AWS GovCloud (US). This role will report to the Information System Security Manager (ISSM) supporting unique capabilities in cloud architecture to meet FedRAMP or other government regulatory compliance requirements.
- Sustain and operate security policies and procedures as documented in the System Security Plan (SSP).
- Execute account management procedures to effectively coordinate adding or removing documented system accounts.
- Work closely with the ISSM in designing and implementing government regulatory compliance requirements.
- Conducting periodic assessments of information systems and demonstrating corrective actions for identified vulnerabilities.
- Define and document security artifacts for associated Federal cloud computing environments.
- Execute and maintain the continuous monitoring strategy (ConMon) for documented security compliance requirements.
- Participate and document Configuration Control Board (CCB) information system configuration changes.
- Conduct audits, technical reviews to identify and mitigate potential security weaknesses.
- Participate and provide oversight with annual assessments to maintain security authorizations.
- Communicate security incidents and potential information system changes to the ISSM that might affect authorization.
- BS in Engineering or related field, or equivalent work experience
- DoD 8570 IAM Level 1 Certification (CompTIA Security+ or equivalent)
- U.S. Citizen residing on U.S. soil
- Understanding in Cloud Architecture (IAAS, PAAS, SAAS), and the purpose and capabilities of key cloud components such as Chef, Ansible, Docker, Kubernetes or equivalent tools.
- Experience working in a cutting edge, technical, hands-on environment and leveraging technology to manage and grow information systems.
- Hands-on experience implementing security controls in federal information systems.
- Experience providing leadership and making decisions with minimal direction while prioritizing competing demands.
- Working knowledge of NIST 800-53 controls and DOD Risk Management Framework (RMF) Practices.
- Understanding of Cyber Security policies, FedRAMP and/or other US Government Assessment and Authorization (A&A) processes and procedures.
- Familiarity with conducting vulnerability scans and overall vulnerability management.
- Strong written and oral communication skills