Nature of Duties
Responsibilities include, but are not limited to:
The ISSO will be responsible for system security planning, system/application compliance testing, project management, tracking and remediating findings, and maintaining and continuous improvement of documentation for communications web applications and the incident response team’s equipment. The ISSO must be an expert at developing strategic-level plans and have strong knowledge and experience in information technology and security applications.
- Manage and track security project tasks, including but not limited to, security controls development and implementation, security testing and remediation, compliance tracking, and documentation for management and auditing activities; tracking of closed areas assets.
- Assist in the completion of the accreditation process, as applicable, and help maintain the closed areas accredited status as required by Defense Security Services (DCSA), Information System Security Manager (ISSM), and the Authorization to Operate (ATO).
- Input security artifacts into the eMass risk management and compliance system.
- Assist in selecting, implementing, and auditing security controls, contingency plan, configuration management, etc. based on guidance documents such as NIST
- Perform security assessment and risk analysis including log auditing and vulnerability scanning.
- Maintain and assist in remediating tasks in Plan of Action and Milestones (POA&M).
- Provide regular (weekly or more frequent) project management reports
- Support the growth, expansion, and continuous modernization of the closed area environment(s) and associated technologies.
- Interact with representatives of FBI, DCSA, Customers and other government agencies, as required.
Experience and Education
- Experience in a Department of Defense Information Security contractor security environment with demonstrated knowledge of classified Information System operating systems.
- Knowledgeable of DCSA certification authority and familiar with the RMF accreditation process.
- Experience with security configurations across multiple operating systems in various environments, to include: Windows, Linux/Unix, utilizing Active Directory/Group Policy, etc. is required.
- Security related certifications (CISM, Security +, GSLC, CISSP or equivalent) is preferred.
- Experience with eMass is preferred.
- Ability to multi-task and excel in a multi-customer environment.
- Familiarity with documentation and tools such as: NISPOM, DAAPM, NIST SP 800-53, DISA STIGs, SCAP
- Excellent troubleshooting skills
- Applicants selected must have a current government security clearance and must meet immediate eligibility requirements for access to Secret classified information.
- Bachelor’s degree in computer-related discipline.
- Minimum 5 years IT-related work experience (system administration, Help Desk technician, etc) in an ISSO position.