logo

View all jobs

Information System Security Officer II w/ 5 years experience

Annapolis Junction, MD · Information Technology

REQUIRED SKILLS/ABILITIES:

  • TO BE CONSIDERED FOR THIS POSITION YOU MUST HAVE AN ACTIVE TS/SCI W/ FULL SCOPE POLYGRAPH SECURITY CLEARANCE (U.S. CITIZENSHIP REQUIRED)

REQUIRED: Minimum five (5) years Information Assurance experience, including evaluating, testing, certification, and accreditation of classified, sensitive but unclassified, information systems, in addition to Commercial-off-the-Shelf (COTS) and Government-off-the-Shelf (GOTS) products.

 

REQUIRED: Experience with analysis and evaluation of both hardware and software in support of  the Intelligence Community (IC)  and various Federal Sector Government Agencies.

 

DESIRED: At least one (1) year direct experience with an intelligence community or signals intelligence activity.

 

PRIMARY
 
• Thorough understanding of the RMF process (Risk Management Framework).
• Highly Experienced with XACTA, LatteArt, Biscotti & SEAR.
• Familiar with Nessus or CyborgBunny.
• Experience in evaluating, testing, certification and accreditation of classified and sensitive but unclassified information systems.
• Experienced with analysis and evaluation of hardware and software in support of the IC.
• Able to apply current computer security technologies and IA requirements to maintain system security posture.
• Responsible for maintaining and enforcing approved security policies, standards and guidelines.
• Experience working directly with project developers and/or subject matter experts to create security documentation.
• Proficient with MS Word, PowerPoint and working knowledge of various software tools.
• Experience formatting, editing, proofreading, and quality assurance checks on documents.
• Experience in identifying compliance issues, documentation, and incident reporting.
 
DESCRIPTION
 
• Coordinate with DAOs Data Owners, SAs and devs for Security relevant changes to SSPs.
• Monitor/maintain SSPs for hardware and software changes.
• Participate in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
• Ensures systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan.
• Ensures that all system users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before granting access.
• Review audit events for information systems and address events/incidents that occur with stakeholders.
• Provide guidance for identifying, drafting, and submitting incident reports.
• Ensures all information system security-related documentation is current and accessible to properly authorized individuals.
• Maintains records, outlining required patches/system upgrades that have been accomplished throughout the information system's life cycle.
• Create and maintain Plan of Action and Milestones (POAM) as required.
• Ensures that all systems/network are compliant and in scope of current accreditation.
• Perform Nessus scans as required.
• Evaluates proposed changes or additions to the information system, and advises the Information Systems.
• Security Manager (ISSM) of their security relevance.
• Participate in internal / external security audits/inspections.
• Directs program system administrators on security matters.

Powered by