Information System Security Officer (ISSO)

Where

Linthicum, MD

What you'll be doing

Ensure IS is operated, used maintained, and disposed of in accordance with security policies and practices. Enforce security policies and safeguards on all personnel having access to the IS. Report the security status of IS to the ISSM. Assist with creating and maintaining SSPs and supporting documentation. Ensure users and system support personnel have the required security clearance and need-to-know to utilize the system. Conduct user training and awareness activities. Work with physical security personnel to ensure physical protection of IS assets. Perform continuous monitoring of systems to ensure the system stays in an accredited state. Conduct security audits of systems. Utilize IAD security incident reporting mechanism to report incidents. Initiate the appropriate protective or corrective measures when security problem are discovered. Conduct risk assessments of the IS. Ensure the IS is accredited and maintains its accreditation. Assist the ISSM in IS configuration management activities. Document applicable FOCI concerns. Maintain documentation of the system administrator PKI and PRIVAC status. Ensure the IS remains in compliance with FRAGO, IA vulnerabilities, and any other IOSS security related notices.

What your background should be

3 or more years experience as an ISSO to include at least one of the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools. 3 or more years experience in the understanding of computer hardware, software, networking, communications and their relationship to ISS/IA. Experience in DoD 8570.1M compliant professional certification (e.g. Security +, CISSP, GSEC, etc.). Working knowledge of NIST special publications, ICD 503, and CNSS 1253. Experience with virtualization technology (e.g., VMware). Experience with enterprise risk management framework and security authorization tool XACTA. Experience with various information system security assessment/hardening tools, for example: DISA security readiness review (SRR) scripts, Retina, NESUSS, SPLUNK. The candidate shall have one or more of the following skills:provide system administration support of windows, Unix, and/or HP OpenVMS operating systems, TCP/IP, DECNET, LAT, and LAD networks, working with token based public key infrastructure (PKI) and/or CAC smart cards, network and web security, and network communication devices (hub, switches, and routers). Have experience maintaining network servers, file servers, VPN gateways, and intrusion detection systems. Have a thorough understanding of secure systems engineering development, including system security requirements analysis, system security requirements allocation, trade-off analysis, other system security analyses, and secure system definition and specification development. Currently possess an active TS/SCI with polygraph clearance.

Required Schooling / Training

Bachelor degree

Who is the client company

This is an American defense company that provides scientific, engineering, systems integration, and technical services.

If you are interested in this position, send your resume to apply@kochdavis.com