Information System Security Officer

Prodigy One•Annapolis Junction, MD

About The Position

The Senior Information System Security Officer (ISSO) supports a large, complex software development program encompassing software development and maintenance, IT infrastructure support (network, workstation, and server), systems integration, enterprise application development, network engineering, and information systems security. In this role, the ISSO works closely with other security professionals to develop and implement strategies that detect and mitigate threats, protect critical data, and assess system and network vulnerabilities. The ISSO is responsible for implementing and enforcing information systems security policies, standards, and methodologies to ensure compliance with organizational and regulatory requirements. This includes evaluating security solutions to verify they meet security requirements for processing various types of information and supporting configuration management of security-relevant software, hardware, and firmware. The role also involves analyzing threats, developing best practices for incident detection and reporting, and leading efforts in vulnerability remediation. Additionally, the ISSO maintains the operational security posture of information systems by managing system records across infrastructure components such as workstations, servers, routers, firewalls, and network devices, including tracking system upgrades and changes. The position supports the Information System Security Manager (ISSM) in maintaining appropriate information assurance (IA) posture across systems, programs, or enclaves. The ISSO develops and maintains Certification and Accreditation (C&A) documentation in accordance with applicable policies, including system security plans and related artifacts. The role also supports Information Assurance Vulnerability Alert (IAVA) management activities, including initiating responses, conducting system scans, implementing remediation actions, and deploying patches and security updates. In addition, the ISSO contributes to the development of system security policies, ensures compliance across systems, and administers user identification and authentication mechanisms to safeguard access to information systems.

Requirements

Must have at least 10 years of experience as ISSO working independently, and/or on teams maintaining secure information system operations in isolated, connected and standalone environments.
Must have at least 5 years of experience using tools to support IAVA management.
Must have at least 5 years of experience using tools to support the preparation, maintenance, and management of SSPs and other security related documentation.
Demonstrated knowledge of and experience with several of the following: current security tools; hardware/software security implementation; communication protocols; encryption techniques/tools.
In‐depth experience completing security evaluations of software systems or architectures to ensure they meet security requirements.
In‐depth experience proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies, preferably on a large software or IT program.
Demonstrated experience performing day‐to‐day security operations of large, complicated information and information processing systems.
Must be committed to developing and adhering to best practices.
Must possess a high level of self‐initiative and must be a solutions‐oriented team player.
Must have excellent interpersonal skills.
CLEARANCE IS REQUIRED TO BE CONSIDERED FOR THIS ROLE Clearance Required: Active TS/SCI clearance with Polygraph

Nice To Haves

Bachelor's degree in a related field and at least 12 years of relevant experience.
Extensive experience as an Information Systems Security Officer on large software development and integration programs.
DoD 8570 compliance with IAT Level II or higher.
DoD 8570 compliance with IAM Level II or higher.

Responsibilities

Develop and implement strategies to detect and mitigate threats.
Protect critical data and assess system and network vulnerabilities.
Implement and enforce information systems security policies, standards, and methodologies.
Evaluate security solutions to verify they meet security requirements.
Support configuration management of security-relevant software, hardware, and firmware.
Analyze threats and develop best practices for incident detection and reporting.
Lead efforts in vulnerability remediation.
Maintain the operational security posture of information systems.
Manage system records across infrastructure components.
Support the Information System Security Manager (ISSM) in maintaining appropriate information assurance (IA) posture.
Develop and maintain Certification and Accreditation (C&A) documentation.
Support Information Assurance Vulnerability Alert (IAVA) management activities.
Contribute to the development of system security policies.
Ensure compliance across systems.
Administer user identification and authentication mechanisms.