Information Systems Security Officer (ISSO) 2 - TS/SCI w/Poly

About The Position

Requirements

• Eight (8) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required.
• Bachelor's degree in Computer Science, Cyber Security or IT Engineering is required.
• In lieu of a Bachelor's degree, four (4) additional years of work-related experience may be substituted for a total of twelve (12) years.
• Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.
• Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques.
• Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.

Responsibilities

• Provide support for a program, organization, system, or enclave's information assurance program.
• Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Perform vulnerability/risk assessment analysis to support security authorization.
• Provide configuration management (CM) for information systems security software, hardware, and firmware.
• Manage changes to system and assess the security impact of those changes.
• Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).