ISSO - Information System Security Officer

About The Position

Requirements

• Bachelor’s degree (preferred), in a technical specialty such as computer engineering, information security, information management, and/or computer science, and 3+ years’ experience in information systems security project management or information systems security engineering or a master’s degree and 2 years’ experience.
• This position requires an Active Secret clearance and the ability to obtain a Top Secret Security Clearance as needed.
• Working knowledge of fundamental operations for Microsoft Windows
• Proficient with word processing systems, database and spreadsheet software
• Strong interpersonal verbal and written communication skills and the ability to build and maintain professional relationships throughout the organization and with external contacts at all levels of the federal government and private industry
• Strong time management, organizational and analytical skills and the ability to coordinate and prioritize multiple tasks with little supervision. Must be self-directed and detail-oriented in completing assigned tasks
• The nature of assignments requires some application of judgment in the use of security requirements and the incumbent must be able to develop skill in weighing the impact of variables and issues that influence the course of actions taken in resolving security questions or issues
• Able to adapt to constantly changing work environments and manage impact of shifting priorities
• Able to maintain absolute confidentiality in all business matters
• Windows Server 2016 or later: 3 years
• Active Directory: 3 years
• vSphere 6.5 or later: 2 years
• Windows 10 or later: 3 years
• Implementation of DISA Security Technical Implementation Guides (STIGs): 3 years
• Windows Server Update Services (WSUS) – 3 years

Nice To Haves

• Security+ , Network+, CISSP or other industry certification preferred

Responsibilities

• Thorough understanding and application of network security principles, practices, and implementations
• Working knowledge of cross-functional integration of information systems into a physical security environment
• Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers
• Perform duties relating to the development, maintenance and support of the organization’s Information Systems Security Program
• Maintain the Information Systems Security, Education, Training, and Awareness Program (SETA)
• Manage and enforce Information Security Policies and Procedures
• Review and oversee all Information Systems Security Plans/SSPs (Certification/Accreditation)
• Ensure all IS users follow established Information Security Policies and Procedures.
• Ensure all personnel receive the required Technical and Security Training
• Manage and coordinate Information Security Inspections and Incident Response
• Ensure proper Protection and/or corrective measures have been taken when an Incident or Vulnerability has been discovered
• Perform Risk Assessments
• Perform duties as alternate COMSEC custodian
• Assist in conducting classified container audits