Information System Security Officer (ISSO) Level 2

Company: Allen Integrated Solutions
Location: Chantilly
Posted on: May 26, 2023

Job Description:

An Information System Security Officer (ISSO) includes skill requirements from a security or Office Security Program Office and Office of Security and Counterintelligence (OS&CI) and Facilities and Information Systems Division (F&ISD) for all information technology issues such as malicious code eradication, configuration management, assessment and authorization of current and future systems. ISSOs shall know how to implement common information system security practices, policies, and technologies. Additionally, ISSOs demonstrate self-motivation, initiative, sound judgement, effective interpersonal skills, team building skills, and effective communication skills. Contractors performing ISSO functions shall possess and maintain, or obtain within six months from their arrival date, professional Information Security (IS) certification(s) appropriate for the level of duty and responsibility of their position. Responsibilities: Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits. Assists in the implementation of required government policy (e.g.,, NISPOM, DCID 6/3), and makes recommendations on process tailoring. Supports the formal Security Test & Evaluation (ST&E) required by each gov ernment accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Performs analyses to validate established security requirements and recommends additional security requirements and safeguards where required. Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports. Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. Required Qualifications: Bachelor's Degree and 3 years of work experience or equivalent; High School/GED and 8 years of work experience; Associates Degree and 6 years of work experience or equivalent; Master's or higher AND 2 years relevant experience Experience in the following areas is considered relevant: information technology security, information systems security, information assurance engineering. Desired Qualifications: Familiarity with conducting research and analysis; Familiarity with network and information system security principles and best practices; Familiarity with controlling, labeling, virus scanning, and appropriately transferring data (uploading/downloading) between information systems at varying classification levels; Ability to engender rapport with the military, civilians, and other contractors at all levels; Ability to prioritize tasks; Familiarity with applicable IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM). Thorough understanding and application of network security principles, practices, and implementations; Working knowledge of cross-functional integration of information systems into a physical security environment; Working knowledge of system functions, security policies, technical security safeguards, and operational security measures; Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers; Familiarity with detecting and preventing computer security compromises in a networked environment; Working knowledge of configuration management; system maintenance; and integration testing; Proficient in the use of tools used to prevent and/or negate malicious code; Understanding of COTS tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.); Ability to decipher and explain in clear language Intelligence Community Directive (ICD) 503; Ability to support forensics and evidentiary preservation; Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data; Demonstrated ability to translate technical information and information technology jargon into plain English; Ability to apply a risk management philosophy when faced with security challenges and the ability to articulate the pro's and con's in a clear concise manner; Demonstrated proficiency with the following computer operating systems (e.g. Microsoft Windows, LINUX, UNIX, Mac OS, etc.); Analytical ability to decipher complex technical configuration management documents; Demonstrated proficiency with database maintenance; Strong ability to elicit, articulate, and document information in a well-organized manner; Demonstrated ability to work independent of close supervision; Demonstrated experience with Microsoft Office Suite; Working knowledge of all applicable IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM); Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels; An ability to prioritize work to meet deadlines, and to manage the workflow of the ISSO team; Demonstrated ability to correlate audit results between various systems and/or users and notify the ISSM of any discrepancies.

Keywords: Allen Integrated Solutions, Chantilly , Information System Security Officer (ISSO) Level 2, IT / Software / Systems , Chantilly, Virginia