Information Systems Security Officer (ISSO)

About The Position

Requirements

• 2+ years of experience with A&A process, ICD 503, and NIST Risk Management Framework (RMF)
• 2+ years of experience writing technical reports related to A&A, System Security Plans (SSP), security policies and/or guidance
• 2+ years of demonstrated knowledge and technical skills in: network architecture, configuration of a local area network (LAN), and securing operating systems
• 5+ years of experience with Microsoft Windows Server, Windows 7, Windows 8, Windows 10, Microsoft Office Suite (Word, Excel, PowerPoint), Apple/MAC OS, Unix/Linus systems, and virtualization software (VMware, Hyper-V, Virtual Box)
• Experience monitoring and correlating data (e.g., logs, events, activity, etc.) from a variety of sources (e.g., Splunk, ELA, ePO, ESS, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance.
• Experience using vulnerability and compliance assessment tools such as Nessus, SCAP, or App Detective
• Ability to communicate on technical subjects using clear, concise, non-technical language to include strong written communications, ability to provide written feedback on documents, and ability to prepare briefings
• Ability to travel domestically (20% to 40% of the time)
• HS Diploma
• Possess a valid certification that meets or exceeds DoD 8570.01-M IAM II requirements
• US Citizenship and an active Top Secret security clearance with SCI eligibility.

Nice To Haves

• Bachelor’s Degree preferred
• Demonstrated experience giving technical guidance to system administrators
• Three (3) or more years of experience with the IC Community’s/Sponsor’s A&A process, ICD 503, and NIST Risk Management
• Any additional certifications relevant to system and cyber security not previously listed

Responsibilities

• inspect information systems at the local contractor sites
• assist with assessment and accreditation (A&A)