Information System Security Officer (ISSO)
Position Description:
Acting as an appointed Information System Security Officer (ISSO) for the DoD's Defense Threat Reduction Agency (DTRA) Defense Stockpile Management Systems (DSMS) programReporting, documenting, and briefing the continuous status of DSMS systems to the satisfaction of the appointed Information System Security Manager (ISSM), and/or senior government leadershipProviding clear justification describing the satisfaction all applicable security control implementation as specified by the NIST-800-53, rev 4 (eventually moving to rev 5)Authoring System Security Plans (SSP)Conducting self-assessments of all systems under DSMS environmentAnalyzing security controls and the impact that new changes would introduce to the environmentPreparing and/or assisting with formal risk assessments to provide to the Authorizing Official's (AO's) designated Security Control Assessors (SCAs) while acting as a member of the security assessment teamEnsuring the remediation of any findings assigned to DSMS teams as documented in the Security Assessment Report (SAR) and its Plan of Actions and Milestones (POA)Documenting and defending reasoning when waivers are sought, or non-standard remediation solutions are requested for specific security controlsAssisting with the preparation of the Authorization to Operate (ATO) or other packages for both DSMS networks - classified and unclassifiedResearching remediation options for vulnerabilities identified for systems under development or already in production under an ATOManaging and configuring ACAS to perform vulnerability management and reportingEnsuring the DSMS systems are configured in accordance with Security Technical Implementation Guidance (STIG) and reporting results in the eMASS toolRequired
Qualifications:
Active Top Secret clearanceEducation:
Bachelor of Science Degree, or a related technical discipline, or the equivalent combination of education, technical certifications, training, and work experienceDoD 8570 Information Assurance Management (IAM) Level I certification - at minimumMinimum of 3-years Risk Management Framework (RMF) Assessment and Authorization (A) experienceAbility to speak to the intent of all NIST 800-53 security controlsMinimum 1-year hands on experience with the ACAS (Tenable) applicationExcellent oral and technical writing skillsAbility to work both independently and as a member of a team in a high-paced, deadline-driven environment.
Estimated Salary: $20 to $28 per hour based on qualifications.
Acting as an appointed Information System Security Officer (ISSO) for the DoD's Defense Threat Reduction Agency (DTRA) Defense Stockpile Management Systems (DSMS) programReporting, documenting, and briefing the continuous status of DSMS systems to the satisfaction of the appointed Information System Security Manager (ISSM), and/or senior government leadershipProviding clear justification describing the satisfaction all applicable security control implementation as specified by the NIST-800-53, rev 4 (eventually moving to rev 5)Authoring System Security Plans (SSP)Conducting self-assessments of all systems under DSMS environmentAnalyzing security controls and the impact that new changes would introduce to the environmentPreparing and/or assisting with formal risk assessments to provide to the Authorizing Official's (AO's) designated Security Control Assessors (SCAs) while acting as a member of the security assessment teamEnsuring the remediation of any findings assigned to DSMS teams as documented in the Security Assessment Report (SAR) and its Plan of Actions and Milestones (POA)Documenting and defending reasoning when waivers are sought, or non-standard remediation solutions are requested for specific security controlsAssisting with the preparation of the Authorization to Operate (ATO) or other packages for both DSMS networks - classified and unclassifiedResearching remediation options for vulnerabilities identified for systems under development or already in production under an ATOManaging and configuring ACAS to perform vulnerability management and reportingEnsuring the DSMS systems are configured in accordance with Security Technical Implementation Guidance (STIG) and reporting results in the eMASS toolRequired
Qualifications:
Active Top Secret clearanceEducation:
Bachelor of Science Degree, or a related technical discipline, or the equivalent combination of education, technical certifications, training, and work experienceDoD 8570 Information Assurance Management (IAM) Level I certification - at minimumMinimum of 3-years Risk Management Framework (RMF) Assessment and Authorization (A) experienceAbility to speak to the intent of all NIST 800-53 security controlsMinimum 1-year hands on experience with the ACAS (Tenable) applicationExcellent oral and technical writing skillsAbility to work both independently and as a member of a team in a high-paced, deadline-driven environment.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
