Cyber and Information Systems Security Analyst/ISSO

About The Position

Requirements

• Have experience working with government sponsors through inspections and assessments.
• Have a strong working knowledge of the National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG), Intelligence Community Directives (ICDs), Risk Management Framework (RMF), and other policy requirements.
• Skilled in crafting ATO packages using tools such as XACTA, ServiceNow, eMASS, or traditional methods
• Have a minimum of 5 years’ experience solving information technology problems in a classified facility.
• Have a detailed understanding of computer operating systems, hardware, software, and security procedures.
• Can demonstrate excellent organizational and communication skills and the ability to effectively interact with managers and technical staff.
• Possess a current DoD 8570 certification (Security+, CISSP, etc.).
• Hold an active Top Secret security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

Nice To Haves

• Possess a bachelor's degree or equivalent experience in Computer Science, Information Technology, or Cybersecurity related field.
• Have worked in or directly supporting the Department of Defense, the IC Community or other U.S. government entities.
• Have excellent verbal and written communication skills, and the understanding of customer focus.

Responsibilities

• Work closely with Information Systems Security Managers (ISSMs), Program Managers, System Administrators, and Program Security Representatives (PSRs) to develop secure IT solutions for classified environments.
• Provide input into documentation such as the System Security Plan (SSP), Plan of Action and Milestones (POA&M), Risk Assessment Report (RAR), Security Traceability Matrix (SCTM), and Concept of Operations (CONOPs).
• Have knowledge with capturing and refining program requirements to be effectively implemented within the information systems.
• Conduct audits and analyze reports for anomalous activity (i.e. unauthorized access, privileged actions, after-hour use, unapproved hardware and software). Provide reports and recommend actions after conducting a preliminary review of the security events.
• Participate in configuration management activities by conducting security impact analysis and due diligence reports for security relevant changes.

Benefits

• generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance.