ISSO - Information System Security Officer (Cyber Security Rep)
About The Position
The Information System Security Officer (ISSO) position is responsible for the implementation of Risk Management Framework (RMF) activities required to support Information System (IS) assessment and authorization activities. This position reports directly to the Chief of Security, Special Projects. The successful candidate must possess sufficient understanding, knowledge, and experience to implement, enforce, and ensure compliance with RMF policies and procedures. This position will work closely with NAVSEA, Government vendors, EB departments, and sub-contractor counterparts. This position requires a balance of technical knowledge and experience, with strong analytical, documentation, and reporting skills. Responsibilities include: Supporting the development and maintenance of organization-wide Cybersecurity policies, procedures, templates, and associated education, awareness, and training products; organization-wide Risk Management Strategy, to include the Risk Assessment Report; and the organization-wide Continuous Monitoring (ConMon) Strategy Developing and/or assessing system specific policies, procedures, templates, training, and other documentation to ensure alignment with the requirements of organization-wide policies and procedures Coordinating, conducting, and documenting system specific ConMon activities; identifying, managing, and tracking system specific risks, to include vulnerabilities and other areas of non-compliance; and providing guidance on risk mitigation and remediation considerations and strategies Processing POA&M Forms, Configuration Management Plans(CM), and Security Impact Assessments Verifying Operating System (OS) and network device configurations, and ensure compliance with configuration standards and other technical requirements Overseeing and supporting RMF activities performed by ISSOs Leading assessment and authorization efforts for systems; developing and maintaining packages to include POA&Ms Interfacing with various internal and external EB stakeholders Providing guidance and support on security requirements and implementation Supporting internal and external inspections and assessments Other responsibilities as necessary to support RMF activities
Requirements
- High School Diploma or GED
- Current DoD TOP SECRET clearance
- A.S. Degree (or higher) in Cybersecurity, Information Technology (IT) OR 2+ years working experience as an ISSO/IT Admin
- Professional Cybersecurity certification (e.g. CISSP)
- Strong analytical, problem solving, organizational, and time management skills
- Ability to work independently and collaboratively as part of a multi-functional team in a fast paced and challenging environment
- Ability to communicate effectively with all levels of the organization, as well as external stakeholders
- Technical understanding of Operating Systems, networks, and configuration standards
Nice To Haves
- Current DoD TOP SECRET with SCI eligibility
- 5+ years within Cybersecurity field and related A.S./B.S. Degree (or higher) and certifications
- Working knowledge of the RMF process, and NIST SP 800-53 Controls with experience interpreting requirements
- Working knowledge of the NISPOM and FISMA
- 2+ years of experience as an ISSM, ISSO, System/Network Engineer/Architect/Administrator, or in an Equivalent RMF role
Responsibilities
- Supporting the development and maintenance of organization-wide Cybersecurity policies, procedures, templates, and associated education, awareness, and training products; organization-wide Risk Management Strategy, to include the Risk Assessment Report; and the organization-wide Continuous Monitoring (ConMon) Strategy
- Developing and/or assessing system specific policies, procedures, templates, training, and other documentation to ensure alignment with the requirements of organization-wide policies and procedures
- Coordinating, conducting, and documenting system specific ConMon activities; identifying, managing, and tracking system specific risks, to include vulnerabilities and other areas of non-compliance; and providing guidance on risk mitigation and remediation considerations and strategies
- Processing POA&M Forms, Configuration Management Plans(CM), and Security Impact Assessments
- Verifying Operating System (OS) and network device configurations, and ensure compliance with configuration standards and other technical requirements
- Overseeing and supporting RMF activities performed by ISSOs
- Leading assessment and authorization efforts for systems; developing and maintaining packages to include POA&Ms
- Interfacing with various internal and external EB stakeholders
- Providing guidance and support on security requirements and implementation
- Supporting internal and external inspections and assessments
- Other responsibilities as necessary to support RMF activities
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
High school or GED
Number of Employees
5,001-10,000 employees
