logo

View all jobs

Information Systems Security Officer

Springfield, VA
DoD Top Secret Required
DUTIES AND RESPONSIBILITIES
  • Apply information system security principles, procedures and practices under the Risk Management Framework (RMF)
  • Develop and coordinate all authorization documentation
  • Use Enterprise Mission Assurance Support Service (eMASS)
  • Implement security controls, monitor system security posture, audit user activity, and maintain and update documentation
  • Work with system administrators to validate patching, system hardening, and compliance
  • Maintain current knowledge of relevant technologies as assigned
  • Conduct Security Technical Implementation Guide (STIG) reviews utilizing SCAP Compliance Checker (SCC) tool and manual checks to ensure DoD security is being met
  • Review manual STIGs utilizing STIGViewer
  • Maintain an inventory of hardware and software for multiple information systems
  • Perform security audits in accordance with established procedures
  • Take corrective action to resolve problems identified and ensure systems are operated, maintained, and disposed of in accordance with established policies and procedures
  • Assist in all phases of the security authorization process for assigned information systems
  • Perform antivirus updates and weekly virus scans
  • Advise the ISSM on information systems security
  • Perform self-inspections, provide security coordination, and review all system test plans
  • Assess the impacts on system modifications and technological advances
  • Review systems to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades
QUALIFICATIONS AND REQUIREMENTS
  • Bachelor’s Degree in related field
  • Active DoD Top Secret Clearance
  • Current Security + Certification or obtain within 90 days of hire
  • A minimum of two (2) years experience as an ISSO on programs and contracts of similar scope, type, and complexity
  • Experience with Authority to Operate (ATO) process, continuous monitoring, POA&Ms, Security Authorizations (SA), NIST 800-37, NIST 800-53 Rev3 / Rev4, working with System Owners (SO)
  • Experience deploying security patches to desktops and servers
  • Excellent written and verbal communication skills with focus on the client
  • Team player, must be able to work professionally and collaboratively with the government customer and other contract members of the project team
  • Ability and willingness to multi-task and work in an often fast-paced environment with deadlines

Share This Job

Powered by