Job Title: Information Systems Security Officer (ISSO)
Job Location: Columbia, MD
Job ID: ES20192607-32279
The ISSO will provide support to the ISSM for maintaining the appropriate security posture of systems in accordance with NISPOM Chapter 8 and/or JAFAN 6/3 /JSIG. The ISSO assists with the management of security aspects of the information system and works closely with the system administrator to support day-to-day security operations of the system. The ISSO will perform crucial weekly audit log reviews (standard operating system event viewers), backup operations (Symantec/Veritas Backup Exec), and anti-virus definition (Symantec Endpoint Protection/Manager) updates. The ISSO provides support to the customer on matters involving the security of the information system and assists in maintenance to ensure the system accreditation is maintained. This includes developing and updating the system security plan, as well as managing and controlling changes to the system and assessing the security impact of those changes. The ISSO also provides support to plan, coordinate, and implement IT security programs and policies and provides configuration management for security-relevant information system software, hardware, and firmware. The ISSO will assist the ISSM with the continuous monitoring of accredited systems.
Bachelor's Degree in Computer Science or related field and at least 4 years of applicable experience.
Active Secret clearance.
DOD 8570 compliant IAT Level 1, possess at least a A+ CE, CCNA-Security, Network+ CE or SCP
Experience with NISPOM Chapter 8 and/or JAFAN 6/3 /JSIG
Familiarity with multiple intel community and DSS system accreditation procedures
Experience hardening operating systems
Experience with vulnerability and compliance scanning tools (WASSP, Nessus, SCAP, etc.)
Experience implementing and monitoring with the Risk Management Framework (RMF)
Experience managing Windows 10 based systems and Linux operating systems.
Preferred Additional Skills:
Active Top Secret clearance
Advanced security certifications (CISSP, Security+, etc.)
Strong investigative drive
Strong written and oral communication skills
Ability to work in a team environment
Understanding of system vulnerabilities and exploitation
Understanding of vulnerability mitigation