Information System Security Officer (ISSO) Level 2
Company: Allen Integrated Solutions
Location: Chantilly
Posted on: May 26, 2023
|
|
Job Description:
An Information System Security Officer (ISSO) includes skill
requirements from a security or Office Security Program Office and
Office of Security and Counterintelligence (OS&CI) and
Facilities and Information Systems Division (F&ISD) for all
information technology issues such as malicious code eradication,
configuration management, assessment and authorization of current
and future systems. ISSOs shall know how to implement common
information system security practices, policies, and technologies.
Additionally, ISSOs demonstrate self-motivation, initiative, sound
judgement, effective interpersonal skills, team building skills,
and effective communication skills. Contractors performing ISSO
functions shall possess and maintain, or obtain within six months
from their arrival date, professional Information Security (IS)
certification(s) appropriate for the level of duty and
responsibility of their position. Responsibilities: Performs
assessments of systems and networks within the networking
environment or enclave and identifies where those systems/networks
deviate from acceptable configurations, enclave policy, or local
policy. This is achieved through passive evaluations (compliance
audits) and active evaluations (vulnerability assessments).
Establishes strict program control processes to ensure mitigation
of risks and supports for obtaining certification and accreditation
of systems. This includes process support, analysis support,
coordination support, security certification test support, security
documentation support, investigations, software research, hardware
introduction and release, emerging technology research inspections,
and periodic audits. Assists in the implementation of required
government policy (e.g.,, NISPOM, DCID 6/3), and makes
recommendations on process tailoring. Supports the formal Security
Test & Evaluation (ST&E) required by each gov ernment
accrediting authority through pre-test preparations, participation
in the tests, analysis of the results, and preparation of required
reports. Performs analyses to validate established security
requirements and recommends additional security requirements and
safeguards where required. Supports the formal Security Test &
Evaluation (ST&E) required by each government accrediting
authority through pre-test preparations, participation in the
tests, analysis of the results, and preparation of required
reports. Periodically conducts a review of each system's audits and
monitors corrective actions until all actions are closed. Required
Qualifications: Bachelor's Degree and 3 years of work experience or
equivalent; High School/GED and 8 years of work experience;
Associates Degree and 6 years of work experience or equivalent;
Master's or higher AND 2 years relevant experience Experience in
the following areas is considered relevant: information technology
security, information systems security, information assurance
engineering. Desired Qualifications: Familiarity with conducting
research and analysis; Familiarity with network and information
system security principles and best practices; Familiarity with
controlling, labeling, virus scanning, and appropriately
transferring data (uploading/downloading) between information
systems at varying classification levels; Ability to engender
rapport with the military, civilians, and other contractors at all
levels; Ability to prioritize tasks; Familiarity with applicable
IC, DoD policies, procedures and operating instructions related to
Information Technology, Information Assurance, Information
Management (IT/IA/IM). Thorough understanding and application of
network security principles, practices, and implementations;
Working knowledge of cross-functional integration of information
systems into a physical security environment; Working knowledge of
system functions, security policies, technical security safeguards,
and operational security measures; Understanding of system
methodologies including but not limited to client server, web
hosting, web content servers, policy servers, directory servers,
firewalls, WAN, LAN, switches, and routers; Familiarity with
detecting and preventing computer security compromises in a
networked environment; Working knowledge of configuration
management; system maintenance; and integration testing; Proficient
in the use of tools used to prevent and/or negate malicious code;
Understanding of COTS tools that scan at the physical layer of all
removable and fixed media types including but not limited to: (CDs,
hard drives, thumb drives, Zip/Jazz, etc.); Ability to decipher and
explain in clear language Intelligence Community Directive (ICD)
503; Ability to support forensics and evidentiary preservation;
Ability to troubleshoot technical configurations and make
recommendations on the protection of classified and sensitive data;
Demonstrated ability to translate technical information and
information technology jargon into plain English; Ability to apply
a risk management philosophy when faced with security challenges
and the ability to articulate the pro's and con's in a clear
concise manner; Demonstrated proficiency with the following
computer operating systems (e.g. Microsoft Windows, LINUX, UNIX,
Mac OS, etc.); Analytical ability to decipher complex technical
configuration management documents; Demonstrated proficiency with
database maintenance; Strong ability to elicit, articulate, and
document information in a well-organized manner; Demonstrated
ability to work independent of close supervision; Demonstrated
experience with Microsoft Office Suite; Working knowledge of all
applicable IC, DoD policies, procedures and operating instructions
related to Information Technology, Information Assurance,
Information Management (IT/IA/IM); Excellent communication,
interpersonal, and team-building skills to engender rapport with
the military personnel, civilians, and other contractors at all
levels; An ability to prioritize work to meet deadlines, and to
manage the workflow of the ISSO team; Demonstrated ability to
correlate audit results between various systems and/or users and
notify the ISSM of any discrepancies.
Keywords: Allen Integrated Solutions, Chantilly , Information System Security Officer (ISSO) Level 2, IT / Software / Systems , Chantilly, Virginia
Click
here to apply!
|