Bellese is a mission-driven Digital Services Company committed to pioneering innovative technology solutions in civic healthcare. The Information Systems Security Officer (ISSO) is responsible for implementing a value-based approach to security, versus the traditional focus on audits and compliance.
Requirements
- At least 4 years of experience establishing security controls as outlined in the responsibilities section above.
- Experience working with two or more of the following: web application development, Unix/Linux environments, distributed systems, machine learning, developing large-scale systems and API services, security software development
- Experience with one or more infrastructure scripting languages: Terraform, CloudFormation, Ansible, Chef or Puppet, Kubernetes
- Experience implementing two or more cloud-based solutions: global infrastructure, virtual clouds, virtual computing, serverless computing, load balancing and networking, data storage and data streaming, Hadoop, MapReduce, secured REST-based API endpoints, security
- Direct, hands-on experience with CFACTS.
- Proven ability to author Security Impact Analyses (SIA), System Security Plans (SSP), and Privacy Impact Assessments (PIA) specifically under NIST 800-53 Rev 5 and CMS ARS 5.0.
- A&A Lifecycle: Experience taking a system through the Assessment & Authorization (A&A) process to achieve or maintain an ATO (Authority to Operate).
- Vulnerability Management: Ability to interpret Tenable/Nessus or WebInspect scans to translate technical vulnerabilities into POA&Ms (Plan of Action and Milestones) that developers can understand.
- Cloud-Native Compliance: Understanding of how to document security controls for AWS-native services
Benefits
- Remote First, Remote Only Culture
- Four weeks paid time off yearly (prorated based on start date for the first year)
- 10 paid floating company holidays
- Flexible schedule
- Work-from-home setup including a MacBook
- Collaborative, learning environment
- Medical, dental, and company-paid vision insurance
- Optional HSA account with some medical plans and a company contribution
- Company-paid basic life and AD&D insurance coverages
- Company-paid short- and long-term life insurance
- Optional critical illness and accident insurance
- 401K plan with 3% safe harbor contribution
- Wellness resources and virtual care
- Perks Plus employee discounts