Information System Security Officer

Employer Active

1 Vacancy
The job posting is outdated and position may be filled

Monthly Salary

Not Disclosed

Job Description

Req ID: 1716254
Job Summary
The Information Systems Security Officer (ISSO) is responsible for the Cybersecurity/Risk Management Framework (RMF) posture of classified/unclassified programs in accordance with government directives and program requirements. The ISSO closely interfaces and collaborates with government customers, system owners, Cybersecurity/Information Assurance (IA) professionals, System Administrators, and the engineering community on compliance and configuration change management. The ISSO's primary focus is ensuring the confidentiality, integrity, and availability of information systems. The ISSO is a vital contributor to the program and operates in a highly dynamic and fast-paced environment.

Responsibilities/Duties/Functions/Tasks
Leads Cybersecurity/IA efforts by establishing or validating the system, its functions, information types, operating environments, and security requirements
Coordinates with Government, customers, partners, and Authorization Officials (AO) to prepare systems for Assessment & Authorization (A&A) in accordance with established NIST guidelines
Creates and maintains A&A/RMF documentation: Security Plan, Plan of Action & Milestones (POA&M), Software/Hardware Inventory, Network diagrams, Risk Assessment Report, Security Assessment Plan and Report, Contingency Plan, Incident Response Plan, and Configuration Management
Monitors and refines cybersecurity requirements and ensures that the requirements are effectively integrated into information systems throughout the System Development Life Cycle (SDLC)
Provides continuous security monitoring of unclassified/classified systems
Applies current computer science technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for unclassified/classified information systems
Develops and maintains all DoD requirements, including the DAAPM & Risk Management Framework (RMF) standards to ensure compliance with the National Industrial Security Program Operating Manual (NISPOM)
Assists in the development and implementation of policies and System Security Plans supporting government agency requirements
Works in a fast-paced production environment with the ability to handle multiple competing tasks and demands simultaneously
Conducts security control assessments; reviews the adequacy of the security controls and their ability to protect the system and its information; tailors the security controls to ensure compliance
Supports cybersecurity activities concerned with technical development, scheduling, and resolving engineering design and test problems
Participates in proposal efforts containing Cybersecurity/IA-related SOW/tasks to address scope, capability, cost, schedule, and resources
Reads, interprets, and implements Cybersecurity/IA regulations and requirements; develops and maintains managerial, operational, and technical Cybersecurity/IA skillset
Collaborates with security managers (both government and local), other SSEs and SSMs to define, improve, implement and maintain information security policies, strategies, and procedures
Supports Corporate-wide Security initiatives

Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for the job. Duties, responsibilities and activities may change at any time with or without notice.

Qualifications

Minimum Requirements
Bachelor's Degree, ideally in Information System Security, Computer Science, Cybersecurity, or equivalent related experience
8+ years of hands-on experience in System Security, or Cybersecurity/Risk Compliance
Certifications: CISSP, CISA, CISM, CASP, CEH, and/or Security+
Completion of the DSS CDSE/STEPP RMF Training
Must have an in-depth knowledge of the security authorization processes and procedures as defined in the Risk Management Framework and be familiar with CNSSI 1253, NIST SPs 800-37, 800-53, etc.
Must have experience in several of the following areas: knowledge of current security tools, hardware/software security implementation; different communication protocols; and encryption techniques/tools
Substantial communication and interpersonal skills to advise customers of DoD and company industrial security policies and procedures
Experience with development documentation for systems down to the technical component, software, firmware, and interface level
Demonstrates ability to follow engineering processes and verify technical requirements
Ability to work under pressure and with limited supervision, and work well with others in a large and diverse environment
Ability to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions

Essential Mental Requirements
Excellent written and spoken communication skills for documentation, intra-team, and interdisciplinary communication.
Able to focus on multiple projects at once.
Organized and detail-oriented
Ability to operate in a high-paced work environment

Essential Physical Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; talk or hear. The employee must occasionally lift or move office products and supplies, up to 10 pounds.

Occasional travel 10%.

Equipment/Software/Tools Used
Computer, phone, photocopiers, and fax machines
Experience managing Linux and Windows 10 DoD-accredited information systems
Experience with the SCAP Compliance Checker and the DISA STIG Viewer
Experience with Assured Compliance Assessment Solution (ACAS) Vulnerability scanner
Microsoft Office Applications (Word, Excel, PowerPoint)
Microsoft Project

Employment Type

Full Time

Company Industry

Security / Law Enforcement

About Company

10 employees