Info System Security Officer 1

The Information System Security Officer I provides support for a program organization system or enclaves information assurance program. Provides support for proposing coordinating implementing and enforcing information systems security policies standards and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies standards and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software hardware and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs) Risk Assessment Reports Assessment & Authorization (A&A) packages and System Controls Traceability Matrices (SCTMs). Supports security authorization activities in compliance with the NIST Risk Management Framework (RMF) and any DoD and IC tailored requirements.

Key tasks include:

Plan and coordinate the IT security programs and policies

Manage and control changes to the system and assessing the security impact of those changes

Obtain A&A for ISs under their purview

Provide support for a program organization system or enclaves IA program

Serve as the Approval Authority to validate or approve user authorization for accounts associated with systems under their control

Understand the authorization boundary of systems

Collaboration with System and Network administrators to understand and document data flow and architecture diagrams

Knowledge of security controls the assessment and applicability to systems

Maintain operational baseline of systems under their purview

Provide ongoing Continuous Monitoring to assigned systems

Provide and validate the operational security posture of systems and ensure they are maintained

Ability to initiate the reauthorization process of a system that needs reaccreditation

Ability to decommission a system when it is no longer required

Manage risks while assigned system is in operation

Ability to understand the POA&M process as well as track and closeout any outstanding liens

Ability to acknowledge and respond to IAVAs and create liens as necessary

Perform coordinate and document security relevant changes

Perform vulnerability assessments to ensure updates and system baseline are enforced

Recognize a possible security violation and take appropriate action to report the incident

Manage protective or corrective measure when an IA incident or vulnerability is discovered

Provide security and awareness oversight and/or training as required

Review of audit reduction tools to monitor and review systems for compliance with IA policy

Excellent written and verbal communication skills

Excellent leadership and teamwork skills

Results oriented high energy self-motivated

Candidate may be required to respond to after-hours requests as required in a 24 x 7 environment

Five (5) years experience as an ISSO on programs and contracts of similar scope type and complexity is required. Experience is to include at least one (1) of the following areas: knowledge of current security tools hardware/software security implementation; communication protocols; and encryption techniques/tools. Bachelors degree in Computer Science or related discipline from an accredited college or university is required. DoD 8570 compliance with Information Assurance Technician (IAT) Level I or higher is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelors degree.

Required Certification:Any of the following or higher certification;A with Continuing Education Cisco Certified Network Associate-Security (CCNA-Security) Network Continuing EducationSystem Security Certified Practitioner (SSCP)

Required Clearance:TS/SCI w/polygraph