Information Systems Security Officer (ISSO)

MAG is currently looking for an Information Systems Security Officer (ISSO) to provide a variety of services leveraging the Risk Management Framework (RMF) accreditation. Services are associated with validation approval and sustainment of cybersecurity accreditation packages. Performs and analyze a range of Information Security Systems Officer (ISSO) activities and assist with the development and implementation of security policies.

Duties include but are not limited to:

• Gather and translate customer requirements interact with stakeholders from many areas and lead efforts to ensure customer products and recommendations will meet customer information security policies in an ever-changing technical environment.
• Test and monitor the security control using the appropriate methods and procedures to determine the extent to which the controls are implemented correctly operating as intended and producing the desired outcome.
• Monitor the security of the IS on a continuous basis including assessing control effectiveness documenting changes to the system conducting security impact analyses of the associated changes and reporting the security status of the system to appropriate organizational officials on a regular basis.
• Review prepare and update RMF authorization packages
• Conduct assessments of information security controls to measure the effectiveness of controls and identify any gaps
• Manage remediation efforts and report on the status of control deficiencies
• Provide security expertise to business units and key stakeholders
• Provide timely status updates/reporting on assessments and assigned projects.
• Process and approve admin account requests and ETPs SAARs and other access requests.

Minimum Requirements

The required skills and knowledge include:

• US Citizenship and Possess an Active TS/SCI Clearance
• In compliance with DoD Cyber Workforce 8570.01
• Experience in Information Assurance / Cybersecurity including development integration and implementation of cybersecurity and program protection standards for networking computers and custom applications.
• Thorough knowledge of the Department of Defense 8510.01 Risk Management Framework (RMF) for DoD Information Technology DoD Instruction 8500.1 Cybersecurity DoD Directive 8140.01 Cyberspace Workforce Management NIST 800 Special Publications Federal Information Processing Standards (FIPS) and knowledge of current authorization practices particularly within the DoD.
• Account & report the security configuration baselines for Windows and Linux platforms networking equipment cloud technologies and custom applications (i.e. Minimum Benchmarks: CIS STIGS).
• Provide subject matter expertise advice and assistance in the planning implementation and accreditation of technology and solutions.
• Must meet position and certification requirements outlined in DoD Directive 8570.01 M for Information Assurance Management Level 2 (IAM Level II).

Experience

• The minimum years of related experience required: 5 years

Education

• The minimum level of education required is: BS in Computer Science or Information Technology (or equivalent experience):

Desired Requirements

The desired skills knowledge and education include:

• Familiar with DIA assessments and accreditation documentation within the XACTA management platform.
• Familiar with eMASS - ENTERPRISE MISSION ASSURANCE SUPPORT SERVICES platform.
• Conduct audits to identify how well controls are delivered/supported and potential opportunites for improvement with stakeholders.
• Provide reports briefs and POAM creation for findings.
• Ability to read review and consolidate ACAS scans DISA STIGS and Information Assurance Vulnerability Management (IAVM) results.
• Excellent interpersonal skills including the ability to work on multi-functional teams
• Display detailed knowledge and understanding of multiple technology infrastructures.
• Ability to serve as a principal advisor on all matters technical and otherwise involving the security of an IS.
• Exhibit individual initiative to influence events and achieve goals. Be proactive and a self-starter going beyond specific job responsibilities to ensure goals and achieved or exceeded.
• Travel as necessary for customer projects technology expositions and corporate meetings.

Other Qualifications

• Outside of the above other certifications licenses or clearances include: None
• Physical requirements for the job include the ability to work in an office and lab environment.