Information Systems Security Officer (ISSO), Mid (MCSES III)

AMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology Test & Evaluation Program Mission Support Engineering & Analysis and Training.

Responsibilities:

• Maintain the appropriate operational security posture for assigned Information Systems (IS)and networks in accordance with cybersecurity policies directives and Information Assurance (IA) Standard Operating Procedures (SOP).
• Ensure the Confidentiality Integrity and Accessibilityof all IS resources organic to the supported organization maintain a high level of operational availability.
• Serve as the principle technical advisor to the Information Systems Security Managers (ISSM) Program Security Officers (PSO) and Delegated Authorizing Officials (DAO).
• Perform functional duties as the alternate ISSM to maximize operational readiness and effectiveness.
• Provide expertise to maintain the Authority to Operate (ATO) and Authorization to Connect (ATC) for assigned IS ensuring Risk Management Framework (RMF)compliance.
• Provide support to Program Management Offices (PMOs) by conducting site surveys and providing technical information to develop RMF artifacts to support ATO/ATC and to facilitate IS deployments and successful integration.
• Perform IS lifecycle management to facilitate requirements engineering procurement integration operational sustainment and destruction.
• Provide the organization subject matter expertise to prepare for cybersecurity physical and personnel security assessments from senior management .
• Perform cybersecurity assessments for IS within your area of responsibility on a regular and consistent basis to identify potential vulnerabilities evaluate the effectiveness of existing security controls and ensure compliance with relevant policies and regulations.
• Develop supporting documentation such as Plan of Action and Milestones (POA&M) and inspection reports to coordinate events capture discrepancies and document remediation strategy for supported organizations.
• Develop and integrate policy and procedures to reinforce Access Controls (AC) for identified vulnerabilities.
• Participate in professional engagements with supporting and supported organizations for successful collaboration and to ensure assigned projects deliver desired results.
• Develop and maintain IS documentation to capture changes to the system its operating environment and to advice the Configuration Control Board (CCB) on ATO/ATC conflicts.
• Conduct cybersecurity audits and maintain audit record management ensuring audit records are collected reviewed documented and archived.
• Complete necessary initial/annual training to establish and maintain access to supported systems and networks.

Qualifications:

• 5 years of information systems management and cybersecurity experience.
• Active TS clearance with SCI eligibility.
• Proficient in firewall administration intrusion detection systems anti-virus software and data encryption
• In-depth knowledge of information security principles and practices including NIST SP 800-53 controls DoD Risk Management Framework (RMF) and DoD Instruction 8510.01.
• Experience with cybersecurity RMF compliance and regulatory requirements.
• Strong analytical problem-solving and decision-making skills.
• Strong communication skills adept at briefing executives andprogram IPT level leadership.
• Self-starter strong work ethic and willingness to be a contributing IPT member.

Certifications:

• Must possess an active DoD 8140/8570.01-M baseline certification atIAM Level II or higher( CE CySA CISSP or CISM).
• Candidates without IAM Level II on day one may be considered if they currently meetIAT Level IIand can obtain an IAM Level II certification within an agreed-upon timeframe.