Information Systems Security Officer – Isso
| Company | Guidehouse |
|---|---|
| Location | Springfield, VA, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- An ACTIVE and MAINTAINED TOP SECRET with SCI (TS/SCI) Federal or DoD security clearance
- Bachelor’s degree
- FIVE (5) years of professional experience with the most recent THREE (3) being in Information Security or Information Assurance
- Meet requirements for DoD 8570 IAT Level I Certification (i.e. A+ CE CCNA-Security Network+ CE SSCP)
Responsibilities
- Operate within cleared environments to perform Information Assurance specific activities for customer needs and timelines.
- Perform assessments of systems and networks within the networking environment and identify where those systems or networks deviate from acceptable configurations, enclave policy, or applicable Agency policies and guidelines.
- Perform compliance audits (passive evaluation) and vulnerability assessments (active evaluation).
- Develop Risk Management Framework (RMF) process operating procedures, policies, and related documentation.
- Perform duties per NIST SP 900-137, Continuous Monitoring, and audit for anomalous or malicious user activity.
- Periodically review audits of all systems and monitor corrective actions to ensure closure of all action items.
- Manage media, including handling and control, labeling, virus-scanning solutions, and data transfers between classification domains via manual and automated processes.
- Create and enforce strict program control processes to ensure risk mitigation, system accreditation, and certification attainment support. Support will include process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
Preferred Qualifications
- An ACTIVE and MAINTAINED TS/SCI Federal with DoD security clearance with a COUNTERINTELLIGENCE (CI) polygraph
- Familiarity with security violation mitigation measures and incident reporting actions.
- Proficiency in computer networking concepts and protocols and network security methodologies.
- Familiarity with host/network access control mechanisms. Knowledge of cybersecurity principles to manage risks tied to use, processing, storage, and transmission of data.
- Demonstrated ability to conduct research and analysis for network and information system security principles and best practices.
- Knowledge of information security program management and project management principles and techniques.