Information System Security Officer
About The Position
The Information System Security Officer (ISSO) is responsible for assessing and requesting customer authorization for company-managed classified endpoints, servers, networks, and security appliances. This role involves applying evolving U.S. Government cybersecurity policy and guidance. The ISSO ensures system, network, and security appliance auditing, virus scanning, and hardware and software configuration management requirements are executed as defined in customer-approved system assessment documentation and policy. Additionally, the ISSO monitors the activities of program system administrators to ensure all relevant security procedures are followed. A key part of the role is documenting clear and concise compliance criteria and test cases required to validate compliance with an evolving baseline of cybersecurity requirements and guidance from the National Institute of Standards and Technology (NIST), the Intelligence Community, and the DoD.
Requirements
- Experience applying security systems concepts, requirements, design development, implementation, and integration to information systems
- Knowledge of Risk Management Framework (RMF), performing system assessment and authorization through a Governance, Risk, and Compliance (GRC) tool
- Knowledge of risk mitigation and selecting and designing security controls for implementation
- Knowledge of incident response and data loss prevention, detection, and response
- Knowledge of the NIST and Federal Information Security Management Act (FISMA) requirements for monitoring and reporting
- TS/SCI clearance with a polygraph
- HS diploma or GED
- DoD 8570 IAM Level II Certification
Nice To Haves
- Experience executing the analysis, design, and implementation of enterprise cybersecurity solutions
- Experience maintaining vulnerability scanning tool compliance and patch management, including ensuring IT staff pushes patches to all systems, maintaining compliance with directives, managing changes to the system, and assessing the security impact of the changes
- Experience engineering and implementing security-based solutions to further automate and improve the comprehensive security posture of systems and their supporting infrastructure
- Possession of excellent written and verbal communication skills
- DoD 8570 Certification such as CISSP, CISSP-ISSAP, or CISSP-ISSEP Certification
Responsibilities
- Assess and request customer authorization for company-managed classified endpoints, servers, networks, and security appliances
- Apply evolving U.S. Government cybersecurity policy and guidance
- Ensure system, network, and security appliance auditing, virus scanning, and hardware and software configuration management requirements are executed as defined in customer-approved system assessment documentation and policy
- Monitor the activities of program system administrators to ensure all relevant security procedures are followed
- Document clear and concise compliance criteria and test cases required to validate compliance with an evolving baseline of cybersecurity requirements and guidance from the National Institute of Standards and Technology (NIST), the Intelligence Community, and the DoD
Benefits
- Health benefits
- Life benefits
- Disability benefits
- Financial benefits
- Retirement benefits
- Paid leave
- Professional development
- Tuition assistance
- Work-life programs
- Dependent care
- Recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
