Information System Security Officer, Mid
About The Position
Perform analysis of policies and procedures to ensure information system security controls are implemented and continuously monitored throughout the system development life cycle. Conduct hands-on validation and verification of system security hardening, vulnerability management and analysis, and audit log review by applying technical expertise and specific functional, working, and general industry knowledge to ensure system requirements are secured. Develop and contribute to solutions to a variety of problems of moderate scope and complexity. Support the development and maintenance of Assessment and Authorization documentation such as the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M). Provide cybersecurity guidance across technical and non-technical clients and peers.
Requirements
- 1+ years of experience with hands-on security hardening, vulnerability management, and audit log review in a Microsoft Windows environment
- Knowledge of the DoD and IC Risk Management Framework (RMF), NIST 800 series, and industrial security requirements under the National Industrial Security Program Operating Manual (NISPOM) and DCSA Assessment and Authorization Process Manual (DAAPM)
- Knowledge of network and information system security principles and best practices
- Ability to conduct technical system security reviews using scan tools such as ACAS, Nessus, and SCAP
- Ability to travel up to 25% of the time
- Secret clearance
- HS diploma or GED
- DoD 8570.01-M IAM Level I Certification
Nice To Haves
- Experience with SIPRNet and CORA inspections
- Experience with MS Windows OS, MS Server, Cisco, Juniper, or Brocade networking equipment
- Knowledge of ICD 503 or ICD 703
- Knowledge of eMASS
- Ability to work independently while delivering on-time results
- TS/SCI clearance
Responsibilities
- Perform analysis of policies and procedures to ensure information system security controls are implemented and continuously monitored throughout the system development life cycle.
- Conduct hands-on validation and verification of system security hardening, vulnerability management and analysis, and audit log review by applying technical expertise and specific functional, working, and general industry knowledge to ensure system requirements are secured.
- Develop and contribute to solutions to a variety of problems of moderate scope and complexity.
- Support the development and maintenance of Assessment and Authorization documentation such as the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&M).
- Provide cybersecurity guidance across technical and non-technical clients and peers.
Benefits
- health, life, disability, financial, and retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
