Information Systems Security Officer- ISSO
About The Position
As an Information Systems Security Officer (ISSO), you will be responsible for ensuring that appropriate operational security postures and active security authorizations for all projects/security plans (SPIDs) are maintained for information processing systems. ISSO’s are responsible for creating and maintaining required security body of evidence (BoE) artifacts such as Plans of Actions and Milestones (POAMs), and that control implementations and test plans meet all Assessment and Authorization (A&A) milestone requirements per customer requirements and practices. You will be responsible for conducting vulnerability assessments, assisting programs in managing POA&M resolution, and consulting with program teams as they apply ICD 503 and the RMF standards throughout the IT Systems lifecycle. This is a key position and requires customer approval.
Requirements
- Minimum of Bachelor’s Degree in Computer Science, Information Systems, Engineering or other related technical or scientific discipline
- Minimum of five (5) years of ISSO experience in the IC and preferably NGA, for multiple SPIDs
- Experience in conducting security scans
- Experience in applying security patches and fixes
- CISSP certification or Security + Certificate
- Must be able to obtain Polygraph within 30 days
Responsibilities
- Conduct in-depth security reviews of program systems, applications, and services
- Participate in security assessments and after assessment, develop a transition plan to address areas for remediation to align the application with the baseline standards
- Ensuring that appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the Information System Owner (ISO).
- Conduct research, develops, implements, test, and reviews an applications information security IAW DoD/NIST RMF requirements in order to protect information and prevent unauthorized access.
- Direct the contracting team about security measures, explain potential threats, implement security measures, and monitor applications in order to meet or exceed all DoD/NIST RMF requirements, resulting in faster and more accurate software releases.
- supporting the maintenance of active security authorizations for all projects/security plans (SPIDs) and of required security body of evidence (BoE) artifacts such as POAMs, control implementations and test plans to meet all Assessment and Authorization (A&A) milestone requirements
- Overseeing the continuous integration of newly developed or modernized applications and services with all enterprise security services (ESS)
- Implementing all applicable manual Security Technical Implementation Guides (STIGs), vendor hardening guides and ensuring timely installation of all available patches
Benefits
- flexible time off
- robust learning resources
- comprehensive benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
