Information Systems Security Officer (ISSO)

Position Title: Information Systems Security Officer (ISSO)
Clearance Requirements: TS/SCI with CI Polygraph. Investigation or CV date within 5 years.

Duties and Responsibilities:

System Security Management:

• Experience with security tools and technologies such as vulnerability scanners, intrusion detection systems, security information and event management (SIEM) systems
• Participate in the implementation of current and future security domains (i.e. DevSecOps, AI, Cloud Computing, etc.)
• Develop, implement, and maintain system documentation for information system authorization, security management, and continuous monitoring (CONMON) of both networked and standalone information systems (i.e., Authorization To Operate (ATO), System Security Plan (SSP), Plans of Actions and Milestones (POAM), etc.).
• Ensures the SSP accurately reflects the system architecture, security controls, and operational procedures
• Conducts regular reviews and updates to the SSP to address changes in system configuration, threats, vulnerabilities, and regulatory requirements
• Manages and monitors the implementation of security controls as described in the SSP, including technical, administrative, and physical security measures
• Conducts risk assessments and vulnerability assessments to identify potential security weaknesses
• Develops and implements mitigation strategies to address identified risks and vulnerabilities
• Maintains a thorough understanding of system architecture, operating systems, applications, and network infrastructure
• Ensures system compliance with applicable IC policies and standards
• Ensure applicable Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) are completed
• Participates in system design reviews to ensure security requirements are integrated from the outset

Incident Response:

• Develops and implements incident response plans (IRPs) for assigned systems
• Investigates security incidents and breaches, analyzing root causes and implementing corrective actions
• Coordinates with the Cybersecurity Service Provider (CSSP) and other relevant stakeholders during incident response activities
• Documents and reports security incidents in accordance with DoD policy
• Participates in incident response exercises and tabletop scenarios to test the effectiveness of the IRP

Configuration Management:

• Ensures that system configurations are maintained in a secure state
• Monitors system configurations for unauthorized changes
• Participates in change management processes to ensure security implications are addressed
• Ensures accurate documentation of system configurations and security baselines

Audit and Assessment:

• Supports internal and external security audits and assessments
• Prepares documentation and provides evidence to auditors as required
• Reviews audit findings and implement corrective actions to address deficiencies
• Conducts regular self-assessments to ensure compliance with security requirements

Continuous Monitoring:

• Implements and maintains continuous monitoring to track the security posture
• Analyzes security logs and alerts to identify potential security incidents
• Reports security status to the relevant stakeholders

Coordination and Communication:

• Collaborate with ISSOs, ISSMs, SCAs, system administrators, and developers
• Communicates security risks and vulnerabilities to relevant stakeholders
• Presents the system security activities in Scrum meetings and forums
• Provides technical security advice and guidance to system users and administrators

Qualifications

Qualifications:

• Active TS/SCI with CI poly is REQUIRED
• Education: BS degree in Computer Science, Information Security, or a related field
• Minimum of 10-years of experience in information security, with a focus on system security administration
• IAT Level II (CISSP, Security+ CE, CCNA Security, etc.)
• Possess a DoD 8140 Intermediate or Advanced Certification (i.e. CISSP, Security+, etc.)

• Experience with the DoD Risk Management Framework (RMF) is required
• Knowledge of operating systems (Windows, Linux, Unix), networking protocols, and database management systems.
• Expertise in security tools such as SCAP Compliance Checker, ACAS Scans, and SPLUNK