Information System Security Officer 2- TS/SCI with Poly

Are you interested in using your skills to help shape the Cyber, Security, & Intel space? If so, look no further. We are seeking an Information System Security Officer to join our team of passionate individuals. In this role you will support challenging, mission-critical projects that make a direct impact on the nation's security and intelligence mission.

The candidate will be responsible for security architecture and systems engineering supporting projects (primarily MFAMS, TITUS and JBlocks). The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).

Responsibilities:

• Develop and maintain System Security Plans (SSPs).
• Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.
• Apply continuous monitoring techniques to evaluate the systems security posture.
• Create tasking for developers and system administrators as changes and patching are required.
• Ensure security policies, practices, and procedures are implemented.
• Track Plans of Actions and Milestones (POA&M).
• Review Audit Logs.
• Perform Data Transfers.
• The ICD 503/NIST 800-53 certification and accreditation process.
• The Risk Management Framework
• Developing and maintaining SSPs
• IAVA review and handling
• Interpreting Security Scan results
• Interfacing with System Administrators and Software Engineers
• Task tracking systems (e.g. Jira, Redmine, ServiceNow)
• Understands Public Key Infrastructure-based authentication.
• Understands a variety of security policies, especially within the IC.
• Understands fundamentals of technical security risk assessment.
• Understands how to perform analysis of alternatives.
• Able to clearly communicate ideas and status updates to management and other stakeholders.
• Must be able to work in a collaborative environment.
• Must be able to work with minimal supervision.

#divergent

• Provides support for a program, organization, system, or enclave's information assurance program.
• Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Performs vulnerability/risk assessment analysis to support certification and accreditation.
• Provides configuration management (CM) for information system security software, hardware, and firmware.
• Manages changes to the system and assesses the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports,
• Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Supports security authorization activities in compliance with the National Institute of Standards and Technology Risk Management Framework (NIST RMF).

Clearance Required:

• Active TS/SCI with Polygraph

Minimum Education:

• Bachelor's degree in Computer Science or related discipline from an accredited college or university is required.

Certification Requirement:

• This position has been designated as requiring CWIP certification and requires one of the following baseline certifications to qualify:
  • CAP, CND, Cloud+, GSLC, Security+ CE, HCISPP.

Minimum Years of Experience:

• Ten (10) years experience as an ISSO on programs and contracts of similar scope, type, and complexity is required. Four (4) years of additional ISSO experience may be substituted for a bachelor's degree for a total of fourteen (14) years.
• Experience is to include at least two (2) of the following areas:
  
  • knowledge of current security tools
  • hardware/software security implementation
  • communication protocols
  • encryption techniques/tools