| This posting has been closed |
We are seeking an Information Systems Security Officer (ISSO) in Linthicum, MD.
Duties will include:
- Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves;
- Provide guidance and technical expertise on all matters that impact or effect the security of the information system;
- Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis;
- Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package;
- Conduct configuration management for security-relevant changes to software, hardware, and firmware;
- Perform and deliver security impact analyses of changes to the system or its environment of operation;
- Assess the effectiveness of system security controls on an ongoing basis to determine system security status; and
- Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments
Here’s What You’ll Need:
Basic Qualifications:
- Active TS/SCI with current Full Scope Polygraph.
- Bachelor of Science degree in Information Technology, IT Security, Network Systems Technology or related field or 4 years’ experience in lieu of degree plus five (5) to seven (7) years of directly related experience or any equivalent combination of education, experience, training, and certifications.
- 10 years of related work experience in the field of security authorization; education may be substituted for experience
- DoD 8570 compliant IAM Level I certification, such as the CompTIA Security+ certification. A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted
- Knowledge of the security authorization processes and procedures as defined in the Risk Management Framework NIST SP800-37
- Familiarity with the ICD503, CNSSI1253, NIST SP800-53, etc.
- Knowledge of commercial security tools and their uses
- Experience with hardware/software security implementations
- Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services
- Familiarity with security incident management, experience collaborating with Incident Response Teams
- Ability to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance
- Experience creating and presenting documentation and management reports
Additional Qualifications:
- Experience working with the XACTA IA Manager
- Ability to be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues
- Ability to be committed to continuous learning and system development because of the constant developing nature of cyber attacks
- Ability to quickly learn new concepts, data formats, and software
- Ability to be self-motivated, independent, detail-oriented, responsible team player, and exhibit exceptional relationship management skills