Information Systems Security Officer

Overview

TUNUVA Technologies (a wholly owned subsidiary of VTG) seeks to hire an Information Systems Security Officer (ISSO) in Springfield, VA to monitor and maintain systems security on operational systems such as malicious code eradication, configuration management, assessment and authorization of current and future systems, as well as to review and revise systems security documentation on proposed systems. ISSOs shall know how to implement common information system security practices, policies, and technologies. Additionally, ISSOs demonstrate self-motivation, initiative, sound judgement, and effective interpersonal skills, team building skills, and effective communication skills.

What will you do?

Responsibilities

• Collaborate with system stakeholders and teammates to enhance system security
• Communicate effectively with all security stakeholders
• Create, revise, or review cybersecurity documentation
• Proactively identify opportunities for increasing customer value and engagement
• Act as a Data Transfer Agent between systems of varying security domains
• Inventory, track, and control removable media and portable electronic devices
• Advise stakeholders on NIST SP 800-37 RMF workflows and requirements
• Review SIEM and RMF workflow tools to advise ISSM on system security baselines and authorization statuses
• Advise system stakeholders on acceptable use and applicable cybersecurity policy or regulation
• Properly report and document security incidents and response actions

Do you have what it takes?

Requirements

• Clearance: Active TS/SCI with CI Polygraph
• Currently hold or obtain and maintain DoD 8570 IAT-2 certification within 6 months of starting the position
• Applicants should possess education and experience at the appropriate level for the position . Education relevant to computer engineering, information security, information management, and/or computer science. Experience relevant to information technology security, information systems security, information assurance engineering, and systems administration.
• Bachelor's degree + 2 years of experience OR High School/GED + 6 years of experience OR Associate's degree + 4 years of experience OR Master's degree or higher + 0 - 2 years of experience

Desired Qualifications

• Knowledge of and experience with ICD 503 and NIST SP 800-37 Risk Management workflows
• Understanding and application of network security principles, practices, and implementations
• Working knowledge of cross-functional integration of information systems into a physical security environment
• Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers
• Familiarity with detecting and preventing computer security compromises in a networked environment
• Working knowledge of configuration management; system maintenance; and integration testing
• Proficient in the use of tools used to prevent and/or negate malicious code
• Understanding of Commercial-Off-the-Shelf (COTS) tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.)
• Ability to explain in clear language Intelligence Community Directive (ICD) 503
• Ability to support evidentiary forensics and preservation
• Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data
• Demonstrated ability to translate technical information and information technology jargon into plain English
• Ability to apply a risk management philosophy when faced with security challenges and the ability to articulate the pro's and con's of a particular solution in a clear concise manner
• Demonstrated proficiency with computer operating systems (e.g., Microsoft Windows, LINUX, UNIX, Mac OS, etc.)
• Analytical ability to understand complex technical configuration management documents
• Demonstrated proficiency with database maintenance
• Strong ability to elicit, articulate, and document information in a well-organized manner
• Demonstrated ability to work independent of close supervision
• Demonstrated experience with Microsoft Office Suite
• Working knowledge of all applicable customer, IC, and DoD policies, procedures and operating instructions related IT/IA/IM
• Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels
• An ability to prioritize work to meet deadlines, and to manage the workflow of the ISSO team
• Demonstrated ability to correlate audit results between various systems and/or users and notify the Information Systems Security Manager (ISSM) of any discrepancies