Information Systems Security Officer (TS/SCI/polygraph)

Deloitte is hiring an Information Systems Security Officer (ISSO) for an exceptional opportunity in Annapolis Junction, Maryland.

TS/SCI with polygraph clearance required.

The candidate will be a member of the Government and Public Services (GPS) Security team with primary responsibilities for all aspects of classified systems accreditations, continuous monitoring, procedures, and security plans. The candidate will also support the configuration, control, maintenance and troubleshooting of the classified systems.

The candidate will join a team of professionals with primary responsibility for Information Technologies in Annapolis Junction, MD while providing additional backup and surge support for locations in the Washington D.C. metropolitan area.

ISSO candidate requirements:

• Current TS/SCI clearance with a Polygraph
• Primary work location, Annapolis Junction, MD, National Business Park

• Responsible for maintaining and enforcing all Information Security policies, standards, and guidelines.
  
• Reviews and updates SSPs as needed. Evaluates proposed changes to a system to ensure the change does not impact the system's security.
  
• Assist with installation and setup of new hardware, including desktops, servers, and networking equipment.
  
• Incident response: collaborates internally and externally to develop and support operational procedures to mitigate risks related to classified data spills, intrusions and unauthorized accesses within Federal compliance guidelines relative to specific Federal agency clients to maintain system integrity and availability.
  
• Strong verbal and written skills required providing management status reports and document system changes.
  
• Implement baseline changes under tech lead oversight. Review audit logs.
  
• Conduct vulnerability scans and check scan reports for compliance
  
• Check POA&M status.
  
• Ensure all system users and people with security responsibilities receive their annual awareness training.
  
• Assist with the CM for information system security software, hardware, and firmware
  
• Review and validate user access rights.
  
• Ensure all system users sign the User Agreement before being granted access.
  
• Manages changes to system and assesses the security impact of those changes.
  
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
  
• Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
  
  

• Strong technical knowledge of security system functions, security policies, technical security safeguards, and operational security measures to include government security requirements with NISPOM and ICD 503.
  
• Must meet 8570 IAT II requirements to include one of the following certifications: CCNA Security, GSEC, Security+ CE, SSCP, CASP CE, CCNP Security, CISA, CISSP.
  
• Two (2) years of experience with Assessment and Authorization, Information Assurance and supporting a client within the Intelligence Community.
  
• One (1) year of experience in a network/software/hardware support and/or systems administrator role.
  
• Information Assurance experience including evaluating, testing, certifying and accrediting of classified and sensitive but unclassified information systems as well as Commercial Off The Shelf (COTS) and Government Off The Shelf (GOTS) products
  
• Have technical knowledge of security system controls, policies, technical security safeguards, and operational security measures to include various government security requirements and working knowledge of NISPOM, NIST, and ICD 503.
  
• Virtualization technologies, such as VMware, Citrix XenServer, or Microsoft Virtual Server/Hyper-V.
  
• Familiarization and understanding and/or training with National Institute of Standards and Technology (NIST) Special Publication 800 Series.
  
• Team player and can work in a fast-paced environment
  
• Knowledge of the latest developments in current Information Systems Security strategies and be familiar with the services Information System Security policies.
  

• DoD Directive 8570.01 Certification Requirements, which includes Certified Information Systems Security Professional (CISSP), Microsoft Certified Solutions Expert (MCSE) or Microsoft Certified Solutions Associate (MCSA) with emphasis Windows Server 2008/2012/2016 or Windows 10.
• Virtualization technologies, such as VMware, Citrix XenServer, or Microsoft Virtual Server/Hyper-V.
• Have technical knowledge of security system controls, policies, technical security safeguards, and operational security measures to include various government security requirements and working knowledge of NISPOM, NIST, and ICD 503.
• Familiarization and understanding and/or training with National Institute of Standards and Technology (NIST) Special Publication 800 Series.