Information Systems Security Officer (ISSO) II

About The Position

Requirements

• 2–5 years of related experience
• Prior performance in roles such as System Administrator, Network Administrator, or Information Systems Security Officer (ISSO)
• Experience developing RMF packages and/or bodies of evidence
• Experience supporting Special Access Programs (SAP)
• Bachelor’s degree or equivalent experience (four years)
• Must meet position and certification requirements outlined in DoD Directive 8570.01 -M for Information Assurance Manager (IAM) Level II within six months of hire
• Active clearance meeting contract requirements
• Eligibility for access to Sensitive Compartmented Information (SCI) and Special Access Program (SAP) information
• Willingness to submit to a Counterintelligence Polygraph
• Must be able to regularly lift up to 50 pounds
• 2–5 years of related experience, particularly in developing RMF packages or bodies of evidence
• Prior performance in roles such as System Administrator, Network Administrator, or ISSO
• Experience supporting Special Access Programs (SAP)
• DoD 8570.01 -M Information Assurance Manager (IAM) Level II certification (in lieu of Information Assurance Technician (IAT) Level II)

Responsibilities

• Assist the ISSM in meeting their duties and responsibilities
• Prepare, review, and update authorization packages
• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
• Notify the ISSM when changes occur that might affect the authorization determination of the information system(s)
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package
• Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and Authorizing Official (AO)/Designated Authorizing Official (DAO) prior to implementation
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
• Ensure all information system security-related documentation is current and accessible to properly authorized individuals
• Ensure audit records are collected, reviewed, and documented, including any anomalies
• Attend required technical and security training relative to assigned duties
• Execute the cybersecurity portion of self-inspections, including providing security coordination and review of all system assessment plans
• Identify cybersecurity vulnerabilities and assist with implementing appropriate countermeasures
• Prepare reports on the status of security safeguards applied to computer systems
• Perform ISSO duties in support of internal and external customers
• Conduct security impact analysis activities and provide recommendations to the ISSM regarding all configuration management changes affecting authorization boundaries