Information Systems Security Officer

About The Position

Requirements

• Must be a US Citizen.
• Active Secret Clearance
• Greater than one-year minimum practical experience as an ISSO familiar with eMASS, ACAS/ Nessus scans, applying STIGs, etc.
• Familiarity with cybersecurity and IT security matters, including documentation requirements and security control implementation.
• Ability to successfully pass a pre-employment drug test.
• Must be a self-starter who does not shy away from challenges and hard work
• Ability to lead an Army program to meet all documentation, artifact, and eMASS cyber security management requirements to achieve an Authority to Operate (ATO) for an Army tactical system
• Skilled in providing technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
• Versed in design of information system contingency plans and other deliverables which maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization as well as Security Authorization and Assessment (A&A processes).
• Strong writing skills to develop and maintain System Security Plans (SSP), Contingency Plans, Privacy Impact Assessments, Certification Reports, Accreditation Reports, Plan of Action & Milestones (POA&M), and other C&A documentation.
• Demonstrates oral and written communication skills to work closely with all levels of personnel involved in IT operations and technical aspects of systems.
• Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts and traceability documents purposed for compliance with Authority to Operate (ATO) requirements.

Nice To Haves

• Familiarity and/or previous experience with a tactical Army systems

Responsibilities

• Maintaining the security posture of Army’s IT systems by managing security controls
• Conducting risk assessments
• Ensuring compliance with regulations
• Overseeing authorization packages
• Monitoring vulnerabilities
• Responding to incidents to protect confidentiality, integrity, and availability of data
• Developing security plans
• Performing continuous monitoring
• Managing POA&Ms (Plans of Action & Milestones)
• Collaborating with stakeholders to build a strong security culture
• Supports all aspects of Risk Management Framework(RMF) processes tailored to include minimum cybersecurity standards and demonstrate competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process
• Function as a representative for cybersecurity matters, including reporting requirements, data calls, Army CIO requirements, as well as legal and compliance matters relating to IT security
• Design, implementation, and support of cybersecurity artifacts
• Actively participate in IT and security meetings
• Manage the ATO process for Army tactical missile systems and assets, including control implementation and documentation. Comfortable utilizing eMASS to document to meet this goal
• Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Directs and implements the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction
• Monitors security of electronic data, application system usage, networks, and physical environment
• Evaluate security solutions to ensure they meet security requirements for processing up to classified information and supervise and/or maintain the operational security posture for an information system or program