Information System Security Officer
Apply on
Job Description
Job Description
The Information System Security Officer (ISSO) 3 is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This also will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAP) supporting Department of Defense agencies, such as HQ Air Force, Office of the Secretary of Defense and Military Compartments efforts. The position will provide day-to-day support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
Duties shall include:
Assist the ISSM in meeting their duties and responsibilities
Prepare, review, and update authorization packages
Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
Notify ISSM when changes occur that might affect the authorization determination of the information system(s)
Conduct periodic reviews of information systems to ensure compliance with the security authorization package
Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change
Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
Ensure all IS security-related documentation is current and accessible to properly authorized individuals
Ensure audit records are collected, reviewed, and documented (to include any anomalies)
Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
Execute the cyber security portion of the self-inspection, to include provide security coordination and review of all system assessment plans
Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them
Prepare reports on the status of security safeguards applied to computer systems
Perform ISSO duties in support of in-house and external customers
Conduct continuous monitoring activities for authorization boundaries under your preview
Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization efforts
Required Education and Experience:
Bachelor s degree
5-7 years related experience, especially in developing RMF packages or bodies of evidence; Prior performance in roles such as System/Network Administrator or ISSO
2+ years SAP experience; TRAINING: DoD 8570.01-M IAM Level II (in lieu of IAT Level II)
Security Clearance:
Active TS/SCI and willingness to sit for a CI polygraph
Twenty Bridge and affiliates are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status, or any other characteristic protected by law. AA M/F/Vet/Disability
Federal law requires Twenty Bridge and affiliates to verify identity and employment eligibility; with information from your Form I-9. The E-Verify system is used