Information Systems Security Officer (ISSO) II
About The Position
The Information Systems Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture is maintained for an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This includes physical and environmental protection, personnel security, incident handling, and security training and awareness. The ISSO will work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation, including developing and updating authorization documentation, implementing configuration management across authorization boundaries, assessing the security impact of changes, and making recommendations to the ISSM. The primary function is supporting Special Access Programs (SAPs) for Department of Defense (DoD) agencies, including Headquarters Air Force, Office of the Secretary of Defense (OSD), and Military Compartments efforts. The position will provide day-to-day support for Collateral, Sensitive Compartmented Information (SCI), and Special Access Program (SAP) activities.
Requirements
- 2–5 years of related experience
- Prior performance in roles such as System Administrator, Network Administrator, or Information Systems Security Officer (ISSO)
- Experience developing RMF packages and/or bodies of evidence
- Experience supporting Special Access Programs (SAP)
- Bachelor’s degree or equivalent experience (4 years)
- Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Manager (IAM) Level II within six (6) months of hire
- Current clearance as defined in the Task Order
- Eligibility for access to Special Access Program Information
- Willingness to submit to a Counterintelligence Polygraph
- Must be able to regularly lift up to 50 lbs.
- Special Access Program (SAP) experience
- DoD 8570.01-M IAM Level II certification (in lieu of IAT Level II)
Responsibilities
- Assist the ISSM in meeting their duties and responsibilities
- Prepare, review, and update authorization packages
- Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
- Notify the ISSM when changes occur that might affect the authorization determination of the information system(s)
- Conduct periodic reviews of information systems to ensure compliance with the security authorization package
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to implementation
- Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
- Ensure all IS security-related documentation is current and accessible to properly authorized individuals
- Ensure audit records are collected, reviewed, and documented, including any anomalies
- Attend required technical and security training (e.g., operating systems, networking, security management) relative to assigned duties
- Execute the cybersecurity portion of the self-inspection, including providing security coordination and review of all system assessment plans
- Identify cybersecurity vulnerabilities and assist with implementing countermeasures
- Prepare reports on the status of security safeguards applied to computer systems
- Perform ISSO duties in support of in-house and external customers
- Conduct security impact analysis activities and provide recommendations to the ISSM on all configuration management changes affecting authorization boundaries
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
