Information Systems Security Officer (ISSO)

Microsoft Corporation, Columbia, MD 21044

Posted 3 months ago

The security of our nation and preservation of our nation's interest are critical to the safety and prosperity of the United States. The Microsoft Corporation is proud to have the opportunity to serve as a trusted company of high-risk systems and is seeking a qualified candidate to join our National Security organization as an Information Systems Security Officer (ISSO) in Elkridge, Maryland.

Implementing Government Cyber Security policy and providing guidance (e.g., NIST, NISPOM, DAAPM). Partner with the facility FSO/CSSO to establish goals, gather performance metrics, document and streamline relevant processes, and execute strategies that enable business. Engage with engineers and program managers to perform assessments of systems and networks within an environment and identify deviations from DoD/DISA-defined acceptable configurations or local policy. Ensure Information System (IS) assessments are achieved through passive evaluations, such as compliance audits, and active evaluations. The ISSO will also be accountable for co-leading efforts to establish strict program control processes to ensure mitigation of risks.

If you have experience implementing NIST RMF requirements for National Security Systems, this is an exciting opportunity and you are encouraged to apply today.

Security Clearance Requirements:
The successful candidate must be a US citizen and have an active US Government Security Clearance based on a Tier 5 investigation, formerly Single Scope Background Investigation (SSBI) and pass a polygraph. Candidate must be able to travel to customer sites as required. The selected candidate must be able to start within 30 days of offer acceptance.

Basic Qualifications:

  • Active TS/SCI Security Clearance with Polygraph (most recent Tier 5 investigation within the last 4 years)

  • 5 years of relevant experience, or 2 years of experience with applicable bachelor's degree.

  • At least one year of direct experience with an intelligence community or signals intelligence activity.

  • The successful candidate will possess excellent communication and presentation skills and be able to interface effectively with employees and customers at all levels.

  • Ability to travel to customer locations upon request.

Preferred Qualifications:

  • Bachelor's degree in Computer Science, Information Systems, Data Science, Engineering

  • Current IAM DoD Level 1 Security certification (CAP, GSLC, or Security+ CE)

  • 2 years of information assurance experience, including evaluating, testing, certifying and accrediting of classified and sensitive but unclassified information systems as well as Commercial Off The Shelf (COTS) and Government Off The Shelf (GOTS) products.

  • 2 years of network/system administration.

  • Experience with analysis and evaluation of both hardware and software in support of Intelligence Community (IC), Department of Defense, and other Federal Government Agencies.

  • Experience assessing and auditing network penetration testing, antivirus planning assistance, risk analysis and incident response.

  • Experience applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resultant security risk analysis.

  • Experience or knowledge of construction for a secure area, ICD 705

  • Experience managing COMSEC, keying devices, lifecycle planning.

  • CISSP or PMP certification.

If hired for this position, the team you would be joining is part of our Cloud organization and/or works with government contracts, and as such has a unique background check requirement, detailed below. Please note you will be provided with steps for completing the check if you accept a role on the team.

Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. These requirements include, but are not limited to, the following specialized security screenings:

  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

  • Citizenship Verification: This position requires verification of US Citizenship to meet federal government security requirements.

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.

Program control processes or content for assessment artifacts in scope will include:

  • Continuous Monitoring in accordance with the RMF

  • Process and maintain system security plans (SSP)

  • Maintain knowledge in system controls for system accreditations

  • Manage secure areas

  • Understand engineering requirements to apply controls in compliance with the NIST Risk Management Framework (RMF).

  • Coordination with engineering leadership to enable delivery of Microsoft products & services and provide effective incident response.

  • Continuous Monitoring, test development and validation testing to enable communication to DoD and IC customers.

  • Development of audit trail artifacts / Information System (IS) self-assessment checklists.

  • Execution of investigations to meet Federal requirements.

  • Develop, create, implement, and support physical and operations security (OpSec) policies, plans, processes and training material that position the FSO and offices to operate in a manner that is compliant with relevant U.S. Government (and/or other unique environment) security standards and requirements for the physical design, construction, and operation of highly confidential and regulated projects.

  • Document and improve processes around confidentiality, security, and compliance to ensure the work that is being done is conducted per Government standards.

  • Monitor and audit field sites and supplier processes and methods to assess the state and health of physical and program security.

  • Receive notifications of incidents and events, assess, and drive root cause analysis (RCA) and remediation plans appropriately.

  • Collaborate across internal groups, external suppliers, and customers.

  • Provide subject matter expertise on topics such as: confidentiality, citizenship requirements, security clearances, and information sharing and operations security protocols to internal teams unfamiliar with Federal security requirements.

  • Maintain confidentiality, information and material handling, and privacy without exception.

  • Represent Microsoft in engagements with external entities and the U.S. Government.

Similar Jobs

Information System Security Officer (ISSO)

CACI International Inc.

Posted 1 week ago

Job Description

More About this Role:

Duties and Responsibilities:

  • Responsible for providing information assurance support for digital information, ensuring its confidentiality, integrity, and availability. Responsibilities include the maintenance of authorization to operate IT systems, monitoring and testing of IT systems for vulnerabilities and prevention of compromise, support to incident response and remediation, implementation of appropriate policy, relevant user security awareness and training, and compliance with applicable government policies and directives.

  • Draft, prepare and maintain system security plans (e.g., SSP, RMF, IA SOP, SCTM) in accordance with the requirements of NISPOM, JAFAN 6/3 and ICD 503 for Assessment and Authorization (A&A).

  • Maintain day-to-day security posture and continuous monitoring of IS, including security event log review and analysis. Ensure system security measures comply with applicable government policies.

  • Provide support to the Information System Owner for maintaining appropriate operation information assurance (IA) posture for programs.

  • Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional.

  • Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.

  • Assist with workstation design and install of new network systems.

  • Travel to other company locations, customer sites or professional training in support of duties as necessary.

  • Perform as Data Transfer Agent (DTA) for multiple networks.

  • Perform as a primary agent for Two-Person Accountability (TPA) controlled areas.

  • Support the FSO in managing operational and physical security at the facility, to include SCIF open/close duties.

You'll Bring These Qualifications:

  • The candidate must possess an (in-scope) Top Secret clearance; however, employment is contingent upon the applicant's ability to obtain and maintain a TS/SCI with FSPG.

  • Education: BS/BA or equivalent work experience or

  • Experience: Minimum 5 years of related work experience or equivalent

  • Knowledge of Microsoft software applications

  • DOD 8570.1 Certified, Security+ required

These Qualifications Would be Nice to Have:

  • Excellent verbal and written communication skills

  • Working knowledge of XACTA, OBMS, PKI tools

  • Understanding of NIST Risk Management Framework

Desired Certifications:

  • Certified Information Systems Security Professional (CISSP)

  • Working knowledge of SAP A&A

What We Can Offer You:

  • We've been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Job Location: US-Columbia-MD-BALTIMORE

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
