Information System Security Officer

The United States Strategic Command (USSTRATCOM)Commander is designated as the Nuclear Command, Control, and Communication (NC3) enterprise lead with increased responsibilities for operations, requirements, enterprise systems engineering and integration (SE&I) assessment and analytics, to include data management, and modeling and simulation; intelligence liaison; and inspection and compliance. The NC3 Enterprise Center (NC3 EC) has been established to execute the new roles and responsibilities and enabling functions. Job Description: The contractor shall assist the Government by serving as an Information System Security Officer (ISSO) information technology (IT) specialist providing a wide range of IT services tailored to ensure system security of cloud systems at the Nuclear Command, Control, and Communications (NC3) Enterprise Center (NEC). The contractor shall perform duties as a senior IT specialist providing a wide range of IT services tailored to support critical command, control, and mission information, processes, and systems, providing advanced knowledge and skill in using IT systems, and is considered an advanced IT user. The contractor shall assist the Government in developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Participate in network and systems design to ensure appropriate systems security policies are implemented. Ensure the rigorous application of information security/information assurance policies, principles, and practices in delivering all IT services. The contractor shall assist the government through the coordination of workflow, activity, and documentation necessary to achieve a successful DoD Information Assurance Certification and Accreditation Process (DIACAP), Certification and Authorization, and/or Risk Management Framework (RMF), Assessment and Authorization efforts for various DoD environments. This includes: coordination among myriad stakeholders, e.g., Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / ISSMs, certification authorities (and representatives), accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application; Identify, develop (either directly, or in coordination with applicable experts), and incorporate common artifacts found in a DIACAP (or RMF) accreditation package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, Process Performance State Manager (PPSM) accounting, and other necessary system, network, and application documentation. The contractor shall assist the government by analyzing, evaluating, and making recommendations on major aspects of a system, which interrelationships must be considered, which operating mode, applications software, and/or equipment configuration is most appropriate. Translates technical specifications into integrated applications that provide for automation of mission information. Troubleshoots complex design and software implementation problems. Identifies systems and business requirements in terms of objectives, functions to be served, and management expectations. Validates systems, understand procedures for integrating cloud-based hardware and software for information systems, and ensures applications are consistent with current and planned infrastructure and data environments. Works with other application developers to isolate and solve design problems encountered during the test and implementation stages. Responds to and resolves problems with software, hardware, and systems management. Integrates cloud services to provide an integrated information system in order to present mission critical information. Troubleshoots and devises recovery plans for system failure situations. Develops plans to enhance system performance and support enterprise requirements. Provides guidance to less experienced personnel in solving complex problems involving cloud technology, security and system integration. The contractor shall assist the government with IT systems analysis and applications software concepts, functions, techniques, and capabilities sufficient to evaluate new and emerging IT security methods and principles, the feasibility of proposed new systems and applications software projects, and to design, write, test, debug, and maintain information systems and applications software and ensure successful integration with existing and anticipated infrastructure in the cyber weapon system. The contractor shall support the government by providing knowledge of network security, domain theories and concepts, principles, practices, procedures, policies, standards and operational requirements to apply procedures, requirements, regulations, and policies related to specialized expertise in the work of the division including the ability to maintain credibility with others on technical matters, such as in-depth knowledge of broad budgetary and program management methods, practices, procedures, regulations, policies, and processes to formulate, justify, and execute assigned functions in support of the mission, structure, goals, work processes, and programs of the command. The contractor shall support the management and configuration of existing NEC SharePoint sites, as well as creating and configuring new sites, to include sub-sites, pages, libraries, configure lists and forms, custom workflows, and manage permissions and content. The contractor shall develop enhancements on current sites to drive customer satisfaction and efficiency. The contractor shall conduct formal and informal meetings with multiple groups to gather NEC SharePoint requirements and provide solutions to existing problems in knowledge management.