Information System Security Officer (ISSO)

ISSO will support a large IC client Security & Infrastructure Office with information and data security procedures and processes. Regular duties will include: Operate within cleared environments to perform Information Assurance specific activities for customer needs and timelines. Perform assessments of systems and networks within the networking environment and identify where those systems or networks deviate from acceptable configurations, enclave policy, or applicable Agency policies and guidelines. Perform compliance audits (passive evaluation) and vulnerability assessments (active evaluation). Develop Risk Management Framework (RMF) process operating procedures, policies, and related documentation. Perform duties per NIST SP 900-137, Continuous Monitoring, and audit for anomalous or malicious user activity. Periodically review audits of all systems and monitor corrective actions to ensure closure of all action items. Manage media, including handling and control, labeling, virus-scanning solutions, and data transfers between classification domains via manual and automated processes. Create and enforce strict program control processes to ensure risk mitigation, system accreditation, and certification attainment support. Support will include process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.