Position Description

** An active SECRET (or higher) DoD Security Clearance is required **
** A current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP) is required **
** Candidates must be U.S. Citizens **
** Permanent residents are NOT eligible for this role **
** Dual citizens are NOT eligible for this role. Also, candidates with a current non-U.S. passport in addition to a U.S. passport are NOT acceptable **

-The ISSO is responsible for ensuring the appropriate operational security posture is maintained for an information system (IS) and as such, works in close collaboration with the Information System Security Manager (ISSM).
-The ISSO shall have the detailed knowledge and expertise required to manage the security aspects of an IS and is assigned responsibility for the day-to-day security operations of a system.
-Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness.
-In close coordination with the ISSM, the ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the System Security Plan (SSP), managing and controlling changes to the system, and assessing the security impact of those changes.

Responsibilities of the ISSO include, but are not limited to:
a. Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; b. Attend technical and security training (e.g., operating system, networking, security management) relative to assigned duties; c. Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; d. Report all security-related incidents to the ISSM; e. Conduct periodic reviews of ISs to ensure compliance with the security authorization package; f. Serve as member of the CCB, if designated by the ISSM; g. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change; h. Formally notify the ISSM when changes occur that might affect system authorization; i. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; j. Ensure all IS security-related documentation is current and accessible to properly authorized individuals; k. Ensure audit records are collected and reviewed; and l. ISSO shall be adequately trained and possesses technical competence commensurate with the complexity of the ISs.
Skills: Minimum Qualifications
- Current SECRET (or higher) DoD Security Clearance
- Current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP)
- Experience with Microsoft Windows and/or Linux system administration (2+ years)
- Familiarity with configuration control and change management (SCCM)
- Experience with networking concepts (switches, network security, TACLANE)
- Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis)
- Active and continuous learner - either higher education or Continuing Professional Education