Information Systems Security Officer – Level 2

CACI

18d

About The Position

We are seeking a skilled professional to provide comprehensive support for the information assurance program of an organization, system, or enclave. This role will involve actively contributing to the proposal, coordination, implementation, and enforcement of information systems security policies, standards, and methodologies to ensure the protection of critical systems and data. Responsibilities: The successful candidate will be responsible for maintaining the operational security posture of information systems and programs, ensuring that all security policies, standards, and procedures are implemented and adhered to. In addition, they will assist in managing the security aspects of information systems and performing day-to-day security operations to safeguard against potential threats. Evaluating security solutions to ensure they meet stringent security requirements for processing classified information, performing vulnerability and risk assessments to support security authorization, and managing configuration management (CM) processes for information systems security software, hardware, and firmware. The candidate will also play a key role in assessing the security impact of system changes and ensuring that all security modifications are properly documented. The role requires preparing and reviewing critical documentation such as System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Additionally, the candidate will support security authorization activities in alignment with the National Institute of Standards and Technology Risk Management Framework (NIST RMF). This position offers an exciting opportunity to contribute to the security and compliance of vital information systems, ensuring they meet all security requirements and safeguard sensitive information within a complex and dynamic environment. By fulfilling the responsibilities of an ISSO, you will play a key role in ensuring the ongoing security and compliance of critical information systems and support the broader organization's information assurance and cybersecurity goals.

Requirements

Current Active TS/SCI with POLY
Eight (8) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required. Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
Bachelor's degree in Computer Science or a related field (e.g. General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cybersecurity, Information Technology, Information Assurance, Information Security, and Information Systems) is required. In lieu of a Bachelor’s degree, four (4) additional years of work-related experience may be substituted.
DoD 8570 compliance with IAM I is required. The following certifications qualify: CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP

Nice To Haves

Familiarity with Network Security Services and Chief Information Security Officer processes and procedures.

Responsibilities

Maintaining the operational security posture of information systems and programs
Managing the security aspects of information systems
Performing day-to-day security operations to safeguard against potential threats
Evaluating security solutions to ensure they meet stringent security requirements for processing classified information
Performing vulnerability and risk assessments to support security authorization
Managing configuration management (CM) processes for information systems security software, hardware, and firmware
Assessing the security impact of system changes
Ensuring that all security modifications are properly documented
Preparing and reviewing critical documentation such as System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)
Supporting security authorization activities in alignment with the National Institute of Standards and Technology Risk Management Framework (NIST RMF)