Information System Security Officer (ISSO)

Location: MacDill AFB - Tampa, FL

Clearance Required: Active TS clearance ( eligibility for SCI and ability to obtain a CI poly is required upon application for initial consideration) **We are not able to upgrade or sponsor clearances**

Certification Required: CISA, CRISC, CISM, CGEIT, CISSP or CAP

At Bcore, our strength comes from how we deliver impact to the mission. Whether it's architecting critical IT solutions, producing actionable intelligence, or developing cutting edge technology, we succeed because of the expertise, collaboration, and agility of our teams. Our Mission Services division combines enterprise IT, cloud solutions, DevSecOps, systems engineering, software development, and operational support. Bcore accelerates decisive advantage for warfighters and intelligence professionals by fusing human insight, rapid-fire engineering, precision-measured outcomes, and relentless grit into mission-ready solutions.

Do you want to join a team that is building tailored technical solutions to modernize our government's mission and our client's business? Do you have a desire to change how people work? Are you interested in helping to protect our nation's cyber interests? Join our growing team supporting the NGA customer missions as an Information System Security Officer (ISSO).

Responsibilities

What you get to do every day:

• Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment
• Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system
• Assist the component with staying on track with Core Controls and A-123 control assessment schedules
• Work with components to ensure each Risk Based Decisions (RBD's) has a current Waivers.
• Coordinate with CSS Customer Liaison support, including status of the process and POA&Ms.
• Support and document security controls tests, assist in remediation and ensure that POA&Ms are being appropriately managed.
• Develop or update the Business Continuity and Contingency Plan for the component.
• Assist the components with decisions that affect security of their systems and networks.
• Facilitate preparations for the tri-annual Security Assessment and Authorization (SA&A) component's Information System.
• Conduct assessments of information systems security requirements, evaluate current security posture and recommend priorities for remediation.
• Review information system infrastructure and application architecture to assess security requirements
• Review existing SA&A documentation, Security Assessment Report and security infrastructure (i.e. IDS, firewalls, vulnerability scan tools, etc.)
• Assess NIST 800-53, Rev 4. Control and document results
• Evaluate and strengthen standard SA&A Documentation
• Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
• Based on the risk profile of the analyzed systems, development and documentation of a Plan of Action and Milestones (POA&M) for mitigating those risks;
• Design and development of comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the analyzed systems;
• Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems; Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
• Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices.
• Design and development of Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems Developing and conducting System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems
• Conduct OMB A-123 security assessments of Federal Government IT Systems.

Qualifications

Clearance Required: Active TS clearance ( eligibility for SCI and ability to obtain a CI poly is required upon application for initial consideration) **We are not able to upgrade or sponsor clearances**

Certification Required:

• Current certification in one or more of the following IT Security disciplines:
  • ISACA - Certified Information Systems Auditor (CISA)
  • ISACA - Certified in Risk and Information Systems Control (CRISC)
  • ISACA - Certified Information Security Manager (CISM)
  • ISACA - Certified in Governance of Enterprise IT(CGEIT)
  • (ISC)2 - Certified Information Systems Security Professional (CISSP)
  • (ISC)2 - Certified Authorization Professional (CAP)

Education/Experience:

• Requires Bachelor's degree
• 8+ years' experience performing systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise data bases leading to successful certification and accreditation or security authorization of such systems.
• 8+ years' experience assessing and enhancing IT systems security policies and procedures in response to the regulatory requirements associated with Federal and International standards.
• 8+ years IT Security experience with extensive knowledge in security regulations and security assessments having developed numerous security C&A (or SA&A) and ATO on a range of systems including classified systems
• Strong working knowledge with NIST Special Publications and the NIST SP 800-37 SA using CSAM system

What is ideal?

• Intelligence Community Experience preferred

What you can expect from us

• Recognizing great achievements do not go unnoticed by bcore through service anniversaries, spot awards, and employee referral bonuses
• You'll join a growing organization of passionate, top-shelf, IT engineering professionals with extensive experience in actively developing the technology revolution in the Intelligence community
• Highlights of our benefits include Health/Dental/Vision, 401(k) match and potential Profit Sharing, Universal Leave, STD/LTD/Life Insurance/Voluntary Life Insurance, Stipends, Referral Bonuses, and more!
• Compensation is unique to each candidate and compensation packages are based on education, experience, and other requirements.

BCore is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.