Information Systems Security Officer (ISSO)
About The Position
SAIC’s National Intelligence Community (NIC) business unit provides Information Technology, Engineering, and Mission solutions and services supporting digital modernization programs in areas such as cloud, cyber, data, AI/ML, and software. The overall scope of this program is the managerial, design, engineering, architectural, and technical services to advance the management of software resources and the management of IT service functions for the IT Enterprise. Software management requirements include Operating Systems, Free and Open Source Software (FOSS), Commercial-Off-The-Shelf software (COTS), Government-Off-The-Shelf software (GOTS), web browser extensions, patches, service packs, and hot fixes. IT service management requirements include, the systems, tools, and processes developed, for management and control of the entire range of enterprise IT services. All products and services are designed with high availability and reliability/resiliency features. This work will be in Fort Meade and staffing is expected to begin in early 2024. SAIC is seeking Information Systems Security Officers (ISSO) to provide support for a program, organization, system, or enclave’s information assurance program.
Requirements
- Information Systems Security Officer (ISSO) experience
- Experience supporting a program, organization, system, or enclave’s information assurance program
- Experience with proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
- Experience maintaining operational security posture for an information system or program
- Experience assisting with the management of security aspects of the information system and performing day-to-day security operations
- Experience evaluating security solutions for processing classified information
- Experience performing vulnerability/risk assessment analysis
- Experience with configuration management (CM) for information system security software, hardware, and firmware
- Experience managing changes to systems and assessing security impact
- Experience preparing and reviewing documentation (SSPs, Risk Assessment Reports, C&A packages, SRTMs)
- Experience supporting security authorization activities in compliance with NIST RMF
Responsibilities
- Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
- Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
- Assist with the management of security aspects of the information system and performs day-to-day security operations of the system.
- Evaluate security solutions to ensure they meet security requirements for processing classified information.
- Perform vulnerability/risk assessment analysis to support certification and accreditation.
- Provide configuration management (CM) for information system security software, hardware, and firmware.
- Manage changes to system and assesses the security impact of those changes.
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
- Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
