Information Systems Security Officer ISSO Skill Level 2

• Provides support for a program organization system or enclaves information assurance program.
• Provides support for proposing coordinating implementing and enforcing information systems security policies standards and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies standards and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs daytoday security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation.
• rovides configuration management (CM) for information system security software hardware and firmware. Manages changes to system and assesses the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs) Risk Assessment Reports Certification and Accreditation (C&A) packages and System Requirements Traceability Matrices (SRTMs).
• Supports security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).

The Level 2 Information Systems Security Officer (ISSO) shall possess the following qualifications:

• Ten 10 years experience as an ISSO on programs and contracts of similar scope type and complexity is required. Experience is to include at least two 2 of the following areas: knowledge of current security tools hardware/software security implementation; communication protocols; and encryption techniques/tools. Bachelors degree in Computer Science or related discipline from an accredited college or university is required. DoD 8570 compliance with Information Assurance Management (IAM) Level I or higher is required. Four 4 years of additional experience as an ISSO may be substituted for a bachelors degree.

• Provide support to senior ISSOs for implementing and enforcing information systems security policies standards and methodologies
• Assist with preparation and maintenance of documentation
• Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
• Assist with the CM for information system security software hardware and firmware
• Maintain records on workstations servers routers firewalls intelligent hubs network switches etc. to include system upgrades
• Propose coordinate implement and enforce information systems security policies standards and methodologies
• Develop and maintain documentation for C&A in accordance with ODNI and DoD policies
• Provide CM for securityrelevant information system software hardware and firmware
• Develop system security policy and ensures compliance
• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Maintain operational security posture for an information system or program
• Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system program or enclave
• Develop and update the system security plan and other IA documentation
• Assist with the management of security aspects of the information system and perform dayto day security operations of the system
• Administer the user identification and authentication mechanism of the Information System (IS)
• Obtain C&A for ISs under their purview
• Provide support for a program organization system or enclaves information assurance program
• Plan and coordinate the IT security programs and policies
• Manage and control changes to the system and assessing the security impact of those changes
• Manage and control changes to the system and assessing the security impact of those changes
• Serve as the Approval Authority for ISs under their control