Information Systems Security Officer (ISSO)

About The Position

Requirements

• Excellent communication skills both written and verbal.
• Three years of computer maintenance and three years minimum experience in networking/inter-networking in the Windows and/or Red Hat Linux environment to include domain administration, cabling concepts, router configurations, and switch connections.
• Must possess an active, or be able to acquire a TOP SECRET security clearance
• High school diploma

Nice To Haves

• Bachelor’s degree or equivalent experience (preferred)
• DoD 8570.01-M IA Workforce Certification, IAM I approved baseline certification, CompTIA Security+ CE (preferred)
• Valid U.S. Driver’s License

Responsibilities

• Provides security oversight and ensures compliance with all Performance Work Statement (PWS) directive requirements for Information Technology (IT) equipment.
• The Information System Security Officer (ISSO), under the direction of their supporting Special Security Officer (SSO) and Information System Security Manager (ISSM), is responsible for the day-today management and implementation of CMSFS’s site IT security programs.
• Required to interface with all levels of management and Government customers.
• Develops/implements/manages security policies, procedures, processes, and best practice standards specific to program requirements such as Standard Operating Procedures (SOPs), Concept of Operations (CONOPs), etc.
• Provide artifacts identified in Performance Work Statement (PWS) to the requesting ISSM for IA control validation and inclusion into the AF Assessment and Authorization (A&A) package.
• Develop a RMF Security Plans Tracker that tracks completion of the plans for each control family.
• Review, update, and coordinate documentation for TEMPEST packages.
• Conducts or supports internal company and/or other customer security assessments.
• Participates in technical meetings with internal/external customers.
• Conducts security incident/violation investigations and formally report results.
• Process System Access Requests (SARs) for all managed IT systems to include maintaining documentation associated with each system, as required.
• Compiles data and provides necessary metrics or performance highlights.
• Review, monitor, prepare, or update artifacts for assessment packages, as necessary.
• Identifies security vulnerabilities and implement countermeasures.
• Conducts security surveys and gathers pertinent security documentation for inclusion into system assessment packages.
• Prepares reports on the status of security safeguards applied to computer systems.
• Ensures AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices.
• Serves as the security point of contact for the Sensitive Compartmented Information Facility (SCIF) equipment and peripherals.
• Must be able to work inside a cleared facility and monitor all activities in the SCIF.
• Serves as the alternate SCIF Contractor Special Security Representative (CSSR).
• Supports all users of the SCIF and Joint Worldwide Intelligence Communications System (JWICS).
• The position will provide day-to-day security support for JWICS operations.
• Perform general housekeeping, safety, and environmental practices, maintaining data/logs/files, and complying with security policies, PWS directive publications, and other security manuals and guidance.
• Complete ancillary training and participate in exercises.