Information System Security Officer (ISSO)
: Job Details :


Information System Security Officer (ISSO)

The Brixton Group

Job Location : Arlington,VA, USA

Posted on : 2024-12-21T05:13:05Z

Job Description :

Responsibilities:

  • Verify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG).
  • Implement media control procedures and continuously monitor for compliance.
  • Verify data security access controls and assign privileges based on need-to-know.
  • Investigate suspected cybersecurity incidents in accordance with Departmental directives and applicable Risk Management Implementation Plans (RMIPs).
  • Apply and maintain required confidentiality controls and processes.
  • Verify authenticator generation and verification requirements and processes.
  • Execute media sanitization (clearing, purging, or destroying) and reuse procedures.
  • Protect Controlled Unclassified Information (CUI), Special Access Programs (SAP), Sensitive Compartmented Information (SCI), and Personally Identifiable Information (PII).
  • Create and manage the Body of Evidence (BOE).
  • Maintain privilege access control logs.
  • Create and manage Interconnection Security Agreements (ISA).
  • Ensure JSIG compliance of applications within multiple accredited boundaries.
  • Track vulnerabilities by creating Plan of Action and Milestones (POA&M).
  • Manage the configuration and documentation in the program's instance of Enterprise Mission Assurance Support Services (eMASS).
  • Maintain and manage continuous monitoring of DoD Security Technical Implementation Guide (STIG) compliance.
  • Enforce continuous monitoring strategies using tools such as Splunk, Oracle Cloud Control, ACAS reports, and scripts for database/application user/privilege review.
  • Conduct code reviews for database and application development and configuration management activities.
  • Analyze events or test results and prepare POA&Ms.
  • Establish and satisfy information assurance and security requirements based on user, policy, regulatory, and resource demands.

Requirements:

  • Per contract requirements candidates must possess an active TS/SCI clearance with the ability to obtain CI Poly.
  • Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems Management, Engineering) is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement.
  • Security+ certification or equivalent (DoD 8570) if no current IAM Level II certification.
  • 8+ years of experience in cybersecurity or a related field, 2+ years of experience Windows/Linux, 2+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
  • 2+ years of experience as a Cyber or Security Analyst for federal information systems.
  • 2+ years of experience with the Federal Risk and Authorization Management Program (FedRAMP).

Preferred Requirements:

  • IAT level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH), or ability to obtain certification within six months of hiring.
  • Experience with the Special Access Programs (SAPs) and Intelligence Community (IC).
  • Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG)
  • Strong familiarity with the Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications.
  • Experience with the Federal Risk and Authorization Management Program (FedRAMP).
Apply Now!

Similar Jobs (0)