The ISSO will:
Perform ISSO duties under the direction of the Information System Security Manager (ISSM) on assigned government-authorized systems.
Be responsibilities include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) under the JSIG and NISPOM; performing security control assessments as part of the systems’ Continuous Monitoring Plan; overseeing configuration management of assigned systems.
Works with IT organization to develop device and system hardening guides following DISA and NIST guidelines; auditing systems to ensure security posture integrity; conducting periodic hardware/software inventory assessments; identifying system security controls shortcomings and developing POA&Ms.
Play a leading role remediating control deficiencies; conducts, documents and reports annual self-assessment.
Maintain operational information security posture for a system, program, or enclave
Investigate security incidents such as data spills, data integrity and malicious events; authoring and delivering security education training to range of audience levels.
Bachelor’s degree from an accredited college in a related discipline
CISSP, CISM, or GSLC certification required (DoDI 8570.01 IAM III)
5+ years experience as an ISSO overseeing cybersecurity on classified systems under JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53
This position requires a current U.S. Security Clearance