Information Systems Security Officer; ISSO

The ISSO is responsible for ensuring the appropriate operational security posture is maintained for an information system and, in many organizations, is assigned responsibility for the day‑to‑day security operations of a system. The position requires detailed knowledge and expertise in managing the security aspects of an information system, and works closely with the ISSM and ISO.

Responsibilities include physical and environmental protection, personnel security, incident handling, security training and awareness, coordination with the ISSM and ISO in monitoring the information system(s) and its environment, developing and updating the authorization documentation, implementing configuration management across authorization boundaries, assessing the security impact of changes, and providing day‑to‑day support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

• Assist the ISSM in meeting their duties and responsibilities
• Prepare, review, and update authorization packages
• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
• Notify ISSM when changes occur that might affect the authorization determination of the information system(s)
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package
• Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
• Ensure all IS security‑related documentation is current and accessible to properly authorized individuals
• Ensure audit records are collected, reviewed, and documented (to include any anomalies)
• Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
• Execute the cyber security portion of the self‑inspection, provide security coordination and review of all system assessment plans
• Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them
• Prepare reports on the status of security safeguards applied to computer systems
• Perform ISSO duties in support of in‑house and external customers

• 1+ years related experience
• SAP experience desired
• Prior performance in roles such as System or Network Administrator

• Bachelor’s degree OR Associate’s degree in a related area + 2 years’ experience OR equivalent experience (4 years)

• IAT Level I or IAM Level I (Security+ CE, CCNA Security, etc.) – within 6 months of hire

• TS/SCI required
• Must be able to attain – TS/SCI with CI Polygraph