Information Systems Security Officer

About This Role

The Information System Security Officer (ISSO) supports Engineering and Operations network solutions and ensures compliance with Information Assurance (IA) programs stipulated by U.S. Government requirements, including DCID, ICD 503, and NIST publications. This role plays a critical part in enhancing and securing government agency operations by preparing Assessment and Authorization (A&A) documents and interfacing with various security disciplines and government representatives.

Responsibilities

• Support Engineering and Operations network solutions and ensure strategic adherence to all aspects of the Information Assurance (IA) program as stipulated by various U.S. Government requirements
• Prepare Assessment and Authorization (A&A) documents and procedures
• Interface with other IA team members, other security disciplines, program personnel, and Government security representatives
• Apply a thorough understanding of network security principles, practices, and implementations
• Demonstrate working knowledge of cross-functional integration of information systems into a physical security environment
• Understand system methodologies including client server, web hosting, firewalls, and networking components
• Be proficient in the use of tools to prevent and/or negate malicious code (e.g., HBSS, Anti Malware, ACAS)
• Apply a risk management philosophy to security challenges and clearly articulate pros and cons
• Elicit, articulate, and document information in a well-organized manner
• Correlate audit results between various systems and/or users and notify the ISSM of any discrepancies

Requirements

• 10+ years of information assurance experience
• Thorough understanding and application of network security principles
• Proficiency with tools like HBSS, Anti Malware, ACAS
• Ability to apply a risk management philosophy
• Strong written and oral communication skills
• US Citizenship Required

Qualifications

• Bachelor's Degree in a related field or equivalent experience
• 10+ years of related experience in information assurance, with progressively responsible experience in ICD 503 certification and accreditation specifically

Nice to Have

• Experience with NIST Special Publication 800-37 Revision 1, CNSSI 1253, and NIST SP 800- 53 Revisions 3 and 4, SP800-39, SP 800-30
• Demonstrated experience in transitioning applications to IC Information Technology Environment (ITE)
• In-depth knowledge of IC ITE services

Skills

* Required skills

Benefits

Certifications