Senior Information System Security Officer (ISSO)-1

About The Position

Requirements

• Bachelor of Science Degree in Cybersecurity, Computer Science, Computer Engineering or equivalent
• 5+ years of relevant experience
• CompTIA Security+ or equivalent certification
• Ability to collaborate with large and highly competent technical teams.
• Strategic high-level thinking
• Ability/experience with planning an initiative involving large-scale, networked systems.
• Ability to obtain and maintain a US Security Clearance (Note: Must be a United States citizen to obtain clearance.)
• Willing and able to travel 40% or more.

Nice To Haves

• 10+ years of relevant experience
• Graduate degree in Cybersecurity
• Certified Information Systems Security Professional (CISSP) certification
• Certified Information Security Manager (CISM) certification
• Active Top Secret Clearance

Responsibilities

• Ensure systems are accredited, and the standard operating procedures include required security procedures.
• Ensure that the systems are operated and maintained such that they stay within the accepted level of residual Cybersecurity risk.
• Ensure that Cybersecurity documentation is developed, maintained, and updated as required.
• Implement SSP responses to DoD IAVAs and IAVBs.
• Initiate investigative procedures for security events, and institute protective or corrective measures when a security incident or vulnerability is discovered.
• Report in conjunction with the User Representative (UR) to the branch ISSM on Cybersecurity incidents.
• Work with the URs to ensure that incident response plans and contingency plans are developed and tested prior to system operation and annually thereafter, and results documented in the Security Authorization Package.
• Participate in all engineering reviews for systems under their cognizance.
• Implement security controls in alignment with the Risk Management Framework (RMF).
• Document security measures.
• Oversee the security posture of information systems operating under Interim Authorization to Test (IATT).
• Prepare authorization packages.
• Work with various stakeholders to ensure the system's security.
• Collaborate with System Administrators to ensure security configurations, patches, and access controls are implemented and maintained during testing.
• Develop requirements for large-scale or service specific pilot projects.
• Support (prepare, review, and present) the Program Office's DoD Acquisition process in the development of the Objective Quality Evidence (OQE) (i.e. Cyber Security Strategy, GAO responses, Clinger Cohen Act, Cyber Test & Evaluation Strategy, etc.) for multiple programs, in compliance with SSP Regulations.
• Support the Program Office Technical Lead as needed identifying issues and action items, document OQE, and participating in ISSO discussions.
• Provide customer interactions with Program Offices and associated contractors/subcontractors.
• Interface with the SSP Functional Authorizing Official (FAO, formerly AODR).
• Coordinate and collaborate with the stakeholders, including SSP representatives and contractors/subcontractors through assessments, subject matter expert input to proposals, technical interchange meetings, status teleconferences, email correspondence, and other meetings as required.
• Support development of technical presentations and provide comments on the technical content.
• Develop System Security Plans detailing the security controls implemented for each information system.
• Work with SSP programs to develop and maintain lifecycle plans.
• Oversee the application of Security Technical Implementation Guides (STIGs) and ensure vulnerability scans are completed in a timely manner.
• Evaluate performer deliverables and presentations.

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance