Information Systems Security Officer

Job Summary

The ISSO position will require the ability to perform all duties related to the development, maintenance, certification and accreditation of a classified network to include: implementation of protection measures, administration, and system maintenance.

Essential Duties and Responsibilities

1. Perform all duties as outlined in NISPOM Chapter 8, NIST SP 800-53, and other directives for the development, certification, accreditation, and maintenance of a classified network. 
2. Tasks will include, but are not limited to configuring information systems, providing information for the development of System Security Plans, establishing and maintaining configuration management plans, install/update/remove computer equipment, preparing documents to gain government approvals to operate information systems, weekly system audits, anti-virus software management, sanitizing systems and components, establishing new user accounts, preparing for and supporting inspections, etc.
3. ISSO work under the direction of the Information System Security Manager (ISSM). Successful candidate should be knowledgeable of information technology security principles, PC Desktops, and Microsoft suite of applications. Assist with self-inspection reviews. This is a multi-tasking environment that demands customer service, communication, and organizational skills.
4. Maintaining System Security Plans in accordance with applicable government guidance and directives such as Risk Management Framework (RMF) and the NISPOM.
5. Coordinating requested system changes with the Information Systems Security Manager (ISSM), Configuration Control Board and government approvers.
6. Conduct self-inspections and provide corrective actions to the ISSM.
7. Continuously reviewing systems for potential vulnerabilities and implementing appropriate risk mitigation efforts under the guidance of the ISSM.
8. Maintaining all classified computer systems in inspection-ready state at all times.
9. Investigating security incidents to include data spills, data integrity incidents, and malicious code incidents.
10. Verify the implementation of delegated aspects of the Systems Security Program from the ISSM and security measures, in accordance with CSA and contractor procedures.
11. Conducting security education training for all system users on appropriate risk mitigation strategies.
12. Assist the IT department when required.
13. All other duties as assigned.

Education/Experience

Bachelor's degree in IT or related discipline or equivalent combination of direct related experience and formal training/certification as required below. Must be a U.S. citizen and hold or able to obtain a DoD Secret Clearance.

1. 2 years of “hands-on” experience working as an ISSO supporting classified programs accredited under NISPOM or RMF. 
2. Knowledge of National Industrial Security Program Operating Manual (NISPOM) Chapter 8 requirements.
3. Knowledge of current Industrial Security Field Operations (ISFO) Process Manual for the Certification and Accreditation of Classified Systems.
4. Candidate must be familiar with the National Institute of Standards and Technology (NIST) 800-53 controls, based on NIST Special Publication 800-53 Revision 4.
5. Knowledge of security configuration of various Windows and UNIX based operating systems.
6. Prior experience as an ISSO or System Administrator
7. Understanding of configuration management principles.
8. Working knowledge and understanding of operating systems and networking.
9. Solve a variety of technical issues of moderate complexity with very general supervision.

Certificates and Licenses

Must hold or be able to obtain one of the following certifications that meet the basic requirements for Information Assurance Technician (IAT) Level II, per DoD 8570.01-M.

1. Cisco Certified Network Associate Security (CCNA-Security)
2. Global Industrial Cyber Security Professional (GICSP)
3. GIAC Security Essentials (GSEC)
4. CompTIA Security+ CE
5. Systems Security Certified Practitioner (SSCP)

Computer Skills

To perform this job successfully, an individual should have knowledge of MS Office products including wor processing, spreadsheet, presentation, and project management,.  Additionally, must be knowledgeable of a variety of design, development, and database software, and use the Internet at advanced level of proficiency to facilitate original designs and maintain varying complexities of software coding, drawings or supplemental original or updated documents. May make presentations on diagrams and supporting documentation to managment and customers.