Information Systems Security Specialist

About The Position

Requirements

• Demonstrated knowledge, experience, and proficiency in working with CNSI to include Sensitive Compartmented Information (SCI).
• Demonstrated knowledge, experience, and proficiency utilizing Information Systems CNSI, CNSI and SCI policies, CNSI and SCI instructions, CNSI and SCI regulations, and CNSI and SCI procedures.
• Must possess an IAM Level I certificate in accordance with DODM 8140.01.
• Must be familiar with and experienced with DoDI 8510.01 Risk Management Framework for Information Technology (IT).
• IAM Level I certificate in accordance with DODM 8140.01.
• Five (5) years practical experience in Cybersecurity, Engineering, T&E or A&A related field OR Seven (7) years' experience without a degree.
• Familiarity and experience in DoDI 8510.01 Risk Management Framework for Information Technology (IT).
• Must have the experience, education, or training that demonstrates the ability to follow directions, to read, understand, and retain a variety of instructions, regulations, and procedures.
• Must demonstrate the ability or have endorsements that indicate the ability to learn and perform the cited position's duties.
• Must demonstrate knowledge of security classification methods, concepts, eligibility for access to classified or sensitive information and the process for granting personnel security clearances/accesses, and knowledge of commonly applied security principles, concepts, and methodologies in carrying out information, personnel, and physical security programs related to the protection of SCI.
• Knowledge of the methods of performing such duties as conducting inspections and investigations, collecting, and analyzing information, etc., and skill in weighing the impact of variables such as critical personnel qualifications, variations in building construction characteristics, access and entry restrictions, equipment availability, and other issues that influence the course of actions taken in resolving security questions and issues.
• Must be able to successfully pass a background check, and pre-employment drug testing.

Responsibilities

• Conduct compliance checks for SCI accredited automated information systems.
• Compile certificates and security and information systems forms from special security Information System (IS) users.
• Report all security-related incidents pertaining to the special security information systems to the Command Special Security Information Systems Security Manager (ISSM).
• Conduct periodic reviews of special security information systems to ensure compliance with the security authorization package.
• Participate in and conduct research in support of hardware, software, and firmware reviews as a member of the Configuration Management Boards.
• Submit requests for changes or modifications to hardware, software, or firmware to the ISSM and AO/DAO for review and approval.
• Notify the ISSM and AO/DAO of system changes that impact system authorization.
• Monitor special security IS processes via user testing to ensure security features and procedures are functioning correctly.
• Review all IS security-related documentation to ensure it is current and accessible.
• Review audit records within the special security IS for compliance with information policies and to ensure audit records are being collected.
• Notify the ISSM if audit records are not being collected or if compliance issues are identified.
• Fill COMSEC keying materials into COMSEC equipment.
• Sign as a witness for issuing COMSEC materials.
• Perform software or firmware updates on COMSEC equipment.