Information Systems Security Officer Level 1 (ISSO)

About The Position

Requirements

• A current and active TS/SCI Clearance with a Maryland Polygraph is required. No CCA's will be accepted at this time.
• Three (3) years of experience as an ISSO on programs and contracts of similar scope, type, and complexity is required.
• Bachelor’s degree in Computer Science or related discipline from an accredited college or university is required. DoD 8570 compliance with IAT Level I or higher is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor’s degree.
• Experience is to include at least one (1) of the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools.
• MUST have knowledge of: XACTA, LATTEART, CIVET, SECUIRTY CENTER and SCANBOY.

Responsibilities

• Provides support for a program, organization, system, or enclave’s information assurance program.
• Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Performs vulnerability/risk assessment analysis to support certification and accreditation.
• Provides configuration management (CM) for information system security software, hardware, and firmware.
• Manages changes to system and assesses the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Supports security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
• Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies
• Assist with preparation and maintenance of documentation
• Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
• Assist with the CM for information system security software, hardware, and firmware
• Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades
• Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies
• Develop and maintain documentation for C&A in accordance with ODNI and DoD policies
• Provide CM for security-relevant information system software, hardware, and firmware
• Develop system security policy and ensure compliance
• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Maintain operational security posture for an information system or program
• Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
• Develop and update the system security plan and other IA documentation
• Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
• Administer the user identification and authentication mechanism of the Information System (IS)