Information Systems Security Officer

8 - 10 years experience  •  Business Services

Salary depends on experience
Posted on 09/21/17
Palm Bay, FL

Job Description:

Performs senior-level ISSO duties under the guidance of the Information System Security Manager (ISSM) on assigned government-authorized systems. Leads and reviews the monitoring of systems and operations, including developing and maintaining the System Security Plan (SSP) and Security Controls Traceability Matrix (SCTM); manages and controls changes to the system/enclave; and generates artifacts that support the Risk Management Framework (RMF) process.

Additional responsibilities include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the RMF under the JSIG and NISPOM; performing security control assessments as part of the systems’ continuous monitoring plan; overseeing configuration management of assigned systems; working with the IT organization to develop device and system hardening guides following DISA and NIST guidelines; continuously reviewing and evaluating best practices for implementing a comprehensive audit program; auditing systems to ensure security posture integrity; conducting periodic hardware/software inventory assessments; identifying system security control shortcomings and developing POA&Ms; remediating control deficiencies; conducting, documenting and reporting annual self-assessments; maintaining operational information security posture for a system, program, or enclave; investigating security incidents such as data spills, data integrity and malicious events; ensuring all systems and information are disposed of in accordance with internal security policies and practices; authoring and delivering security education training to a range of audience levels; performing security monitoring and auditing using COTS products (e.g. Nessus, SPLUNK, Purfile, etc.) and industry best practices; and conducting continuous monitoring and periodic self-inspections of facility and computer systems to ensure compliance with accreditation/certification of approved systems.

 Qualifications:

  • Bachelor’s degree from an accredited college in a related discipline
  • Minimum Security+CE required
  • Must have a Top Secret security clearance with the ability to get SCI
  • 8+ years’ experience as an ISSO overseeing or managing cybersecurity on classified systems under JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53
  • Extensive experience with RMF
  • Experience developing, managing, providing evidence to close POA&Ms associated with the A&A and project management processes
  • Able to work individually as well as part of a team
  • Solid time management skills
  • Experience with Microsoft operating systems
  • Experience interpreting vulnerability scanning results (Nessus, Retina)
  • Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates
  • High level of personal motivation and initiative to learn and acquire new skills

 Preferred:

  • Linux, UNIX, Solaris and Windows experience
  • CISSP, CISA, CISM, CEH or GSLC certification
  • Microsoft's Certified Systems Engineer (MCSE), with security focus
  • Adoption of JIRA, Agile and SCRUM processes
  • Flexibility to adjust to changing requirements, schedules, and priorities
  • Experience working in a military environment
  • Able to socialize ideas, make recommendations, and gain team consensus
  • An Active CI polygraph and/or Full Scope Poly

CHQ20172308-20534
