Information System Security Officer (ISSO) for a large software development program which includes software maintenance and development, IT support (Network/Workstation/Server), systems integration and life cycle support, enterprise application development, network engineering, and information systems security (ISS). They will work with other security professionals in developing and implementing strategies to detect and mitigate threats to information systems, protect critical data sets, and provide assessments of system and network vulnerabilities. They will analyze threats and develop and implement best practices methodologies for incident detection, reporting, and vulnerability remediation.
- Provide support for implementing and enforcing information systems security policies, standards, and methodologies.
- Assist in the evaluation of security solutions to ensure they meet security requirements for processing multiple types information.
- Assist with the CM for information system security software, hardware, and firmware.
- Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.
- Evaluate security solutions to ensure they meet security requirements for processing classified information.
- Maintain operational security posture for an information system or program.
- Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave.
- Develop and maintain documentation for C&A in accordance with ODNI and DoD policies.
- Develop and update the system security plans and other IA documentation.
- Provide CM for security-relevant information system software, hardware, and firmware.
- Develop system security policy and ensure compliance.
- Administer the user identification and authentication mechanisms of the Information System (IS).
- At least 12 years of relevant experience.
- Demonstrated knowledge of and experience with at least one of the following (preferably more): current security tools; hardware/software security implementation; communication protocols, encryption techniques/tools.
- Experience completing security evaluations of software systems or architectures to ensure they meet security requirements for processing classified information.
- Experience preparing and maintaining SSPs or security related documentation.
- Experience proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies, preferably on a large software or IT program.
- Demonstrated experience performing day-to-day security operations of large, complicated information and information processing systems.
- Must be committed to developing and adhering to best practices.
- Must be a solutions-oriented team player and must possess a high level of self-initiative.
- Must have excellent interpersonal skills.
- Bachelor’s degree in a related field. Additional experience may be substituted for a degree.
- Experience as an Information Systems Security Officer on a software development and integration program.
- DoD 8570 compliance with IAT Level I or higher.
- Demonstrated knowledge of and experience with current security tools, hardware/software security implementation, communication protocols, and encryption techniques/tools.