Information Systems Security Officer – Isso – II

Information Systems Security Officer – Isso – II

Requirements

• Cybersecurity
• Information Assurance
• Security Operations
• System Security
• CompTIA Server+
• IAT Level II
• 2 + years of related experience
• US Citizenship Required

Responsibilities

• Perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction
• Ensure the appropriate operational security posture is maintained for an information system
• Manage the security aspects of an information system and be responsible for the day-to-day security operations of a system
• Include physical and environmental protection, personnel security, incident handling, and security training and awareness
• Work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation
• Develop and update the authorization documentation, implementing configuration management across authorization boundaries
• Assess the security impact of changes and make recommendations to the ISSM
• Provide day-to-day support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities
• Assist the ISSM in meeting their duties and responsibilities
• Prepare, review, and update authorization packages
• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
• Notify ISSM when changes occur that might affect the authorization determination of the information system(s)
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package
• Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals
• Ensure audit records are collected, reviewed, and documented (to include any anomalies)
• Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
• Execute the cyber security portion of the self-inspection, to include provide security coordination and review of all system assessment plans
• Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them
• Prepare reports on the status of security safeguards applied to computer systems
• Perform ISSO duties in support of in-house and external customers
• Conduct security impact analysis activities and provide to the ISSM on all configuration management changes to the authorization boundaries.

Preferred Qualifications

• 2-5 years related experience, especially in developing RMF packages or bodies of evidence
• Prior performance in roles such as System/Network Administrator or ISSO is preferable
• SAP experience