Senior Information System Security Officer

PRIMARY RESPONSIBILITIES:

• Support the customer project teams as a member of the Security Team as a Senior ISSO. Duties could include:

• · Perform regular audits of Information Systems (IS), including review of system audit logs, compliance scan results, and other continuous monitoring reports

• · Assist the Information System Security Manager (ISSM) in preparing the IS for periodic reaccreditation and/or reauthorization

• · Assist with the evaluation of changes or additions to the IS within the facility, work with the ISSM to determine security relevance, and make recommendations for approval or denial to the ISSM.

• · Ensure the implementation of security measures in accordance with Agency policies and ISSM’s guidance.

• · Identify and document any unique threats to the Information Systems

• · Perform periodic Risk Assessments of the Information Systems using Enterprise tools

• · Register the IS with appropriate organizational program/management offices

• · Assist with the implementation of facility procedures, under the direction of the ISSM, to include media handling, security incident handling, IS User Briefings, and IS security reviews and audits

• · Provide general technical support to users and general system administrator support

BASIC QUALIFICATIONS/EDUCATION:

• · At least eight (8) years of general experience in computer science, computer engineering, engineering, mathematics, or related discipline

• · At least 5 years of experience in engineering and program processes (CM, QA, risk management, reporting) software development methodologies, planning, designing, and analyzing processing and storage retrieval systems on a mid- to large-scale

• · IAT I level certification

• · A bachelor’s degree in electrical engineering or computer engineering may be substituted for four (4) years of general experience.

• A TS/SCI Polygraph level clearance

PREFERRED QUALIFICATIONS:

• · Experience as an ISSO/ISSE with emphasis on Defense-in-Depth principles, network and enterprise security architecture

• · Experience in IA/ISSE, Defense-in-Depth Principles and technology including access control, authorization, identification and authentication PKI, Network Security Architecture

• · Experience applying the principles of the NIST 800-53 including the procedures in the Risk Management Framework (RMF)

• · Extensive knowledge of the NSA Certification and Accreditation requirements, process, and tools; ITD Governance Process; Acquisition Security Processes; demonstrated understanding of various IT Architectures, software applications, and operating systems

• · Familiarity with STE/STN requirements

• · Ability to work effectively in a team environment with other highly skilled individuals

• · Excellent written and oral communication skills