Information System Security Officer / ISSO duties include:
Evaluation of the assigned information systems’ security control compliance with the federal requirements and the client’s monitoring strategy
Management of emerging and defined risks associated with the administration and use of assigned information systems
Coordination with the client’s Cybersecurity Unit to achieve and maintain the information systems’ compliance and authorization to operate (ATO)
Ensuring systems are operated, maintained, and disposed of in accordance with policies outlined in the approved security authorization package
Performing annual assessments to ensure compliance with the client’s policies and standards
Serve as a member of the Configuration Control Board (CCB) to ensure configuration management for Cybersecurity-relevant software, hardware, and firmware is maintained and documented
Ensuring information system security requirement are addressed during all phases of information systems lifecycle
Establishing audit trails, ensuring their review, and making them available while retaining audit logs in accordance of DOJ and component policies
Generate and interpret documentation needed to address the items detailed within the GRC tool
Work within a team environment to provide technically sound guidance order to adhere to the cybersecurity industry best practices and the client’s monitoring strategy
Analyze collected information to identify vulnerabilities and potential for exploitation and effectively present the results and guidance derived from scans to system owners or other leadership, as required
Effectively communicate orally and in writing to track and detail the demands, efforts, and shortcomings in meeting the goals of the client’s information system monitoring strategy
Support the integration/testing, operations, and maintenance of systems security
Develops, updates, and maintains internal Standard Operating Procedures for all internal assigned functions
Aligns business processes and information technology strategy with the conditions and circumstances of the functional environment and establishes effective performance measures
Contributes to the definition and implementation of planning processes and/or systems at the enterprise level including both strategic and operational activities
Provides system operation support, administers hardware and software inventory
Required Skills
• B.A. or B.S. in Computer Science or a related field
• System authorizations and configuration management
• Experience creating or modifying information security documentation
• Experience testing and documenting information security controls (NIST SP 800-53)
Active Public Trust clearance, adjudicated within past 5 years.
Must have worked on US Federal Government Projects.