Information System Security Officer (ISSO)

About The Position

Requirements

• Bachelor's Degree and 3- 10 years of relevant experience. Additional experience may be substituted for education.
• Active Top Secret Clearance is required.Must be able to obtain and maintain a DoD TS/SCI clearance (i.e. DCID 6/4 eligibility)
• Eligibility for access to Special Access Program (SAP) Information
• US Citizenship required
• In-depth knowledge of RMF with the ability to write all supporting documentation.
• Able to produce Assess and Authorize (A&A) packages with extensive experience in building, configuring, and adapting DoD Information System (IS) RMF documentation to meet test requirements.
• Well-versed in National Institute of Standards and Technology (NIST) security control guidance to build Security Control Traceability Matrix (SCTM) features and to assess the vulnerability of various operating systems within the physical operating environment.
• Self-starter, able to multi-task and perform effectively in a highly-dynamic, fast-paced environment with very little supervision.
• Able to deploy CONUS/OCONUS and possess a strong ability to work independently.
• Extensive experience in reviewing Microsoft and Linux audit reports; ensuring audit records are collected, reviewed, and documented (to include any anomalies).
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals
• Conducts periodic reviews of IS and Continuous Monitoring plans to ensure compliance with the System Security Plan (SSP).
• Able to assist in the design, procurement, buildup, and support of mobile and fixed Information Systems.
• Able to identify and initiate corrective actions when a security incident or vulnerability is discovered in accordance with incidence response plan.
• Understanding of Configuration Management processes for hardware/software to ensure systems are maintained and documented, and system changes are coordinated with the ISSM and Authorizing Official.
• Able to perform standard OSHA single person lifting (approx. 40 lbs.) to assist with setup of site equipment.
• DoD 8140.03 Information Assurance Technical (IAT) Level II

Nice To Haves

• Experience using Security Content Automation Protocol (SCAP) Compliance Checker or Evaluate STIG to perform scans of standalone and networked systems.
• Interpersonal skills (written and verbal) necessary to deal courteously and effectively with a diverse group of individuals.
• Able to provide current Advanced Program references.

Responsibilities

• Will primarily perform duties of an Information Systems Security Officer (ISSO) in an Advanced Programs Developmental Test, and Evaluation laboratory.
• Requires the production of a high volume of written documentation throughout the Risk Management Framework (RMF) life cycle for a numerus systems in multiple operating locations.
• Conducts technical and non-technical reviews and audits as prescribed by the Information System Security Manager (ISSM).