Information Systems Security Officer

About The Position

Requirements

• Active U.S. Citizenship.
• Active USGSC Interim/Secret (+) security clearance.
• Able to maintain required USGSC level security clearance.
• Must be able to satisfy federal government requirements for access to government information. (Having dual citizenship may preclude you from being able to meet this requirement. )
• Bachelor’s degree with (2+) years of experience in system administration/desktop support or (6+) years of related industrial/cybersecurity administration experience.
• Candidates will not be excluded from consideration with equivalent education and/or experience.
• Current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP).
• Familiarity with DISA Security Technical Implementation Guides (STIGs) and security tools such as Splunk, Symantec, MS Office, VMWare, etc.
• Working knowledge of National and International security frameworks.
• Experience working with the Defense Counterintelligence & Security Agency (DCSA) Authorization and Assessment Process Manual (DAAPM).
• Experience in secure environments that are compliant with the NISPOM, with special emphasis on information assurance as well as Risk Management Framework (RMF) requirements.
• Familiarity with configuration control and change management (PDQ Deploy/Inventory).
• Familiarity with networking concepts (switches/network security).
• Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis).
• Experience with Microsoft Windows administration in physical/virtual environments
• Strong written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate, analyze, and document system issues and resolutions.
• Ability to produce quality deliverables and to complete assigned projects on time; provides consistent status updates ensuring IT projects stay focused; reports discovered anomalies/inconsistencies.
• Consistent attention to detail - completes tasks per standard operating procedures; reports discovered anomalies and inconsistencies.
• Persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management.
• Strong work ethic and a proven professional - respectful, dependable, take initiative and follows through.
• Highly motivated and works well in a fast-paced, team-oriented environment; continuously develops new competencies to accommodate evolving expectations.

Responsibilities

• Ensure local facility systems are operated, maintained, and disposed of in accordance with security policies and procedures outlined in security authorization packages.
• Verify implementation of delegated aspects of IS security program.
• Attend technical security training (e.g., operating system/networking/security management) relative to assigned duties.
• Ensure all local IS users have requisite security clearances, authorization, need-to-know and aware of their security responsibilities before granting access to the IS.
• Report all security-related incidents to the local facility ISSM.
• Conduct periodic reviews of IS to ensure compliance with the security authorization package.
• Serve as member of the Configuration Control Board (CCB).
• Coordinate changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change.
• Formally notify the facility ISSM when changes occur that might affect system authorization.
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
• Ensure audit records are protected, collected, and reviewed.
• Assist with local facility unclassified IT systems as needed.
• Other duties as assigned.