Information Systems Security Officer; ISSO – Skill Level 2

Overview

Kaizen Approach is currently seeking an Information Systems Security Officer (ISSO) to provide support for a program, organization, system, or enclave’s information assurance program. In this role, the ISSO will support proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies while maintaining the operational security posture of information systems or programs. The position involves assisting with management of security aspects of information systems, performing day-to-day security operations, evaluating security solutions for processing classified information, and conducting vulnerability and risk assessment activities to support security authorization.

The ISSO will provide configuration management for information systems security software, hardware, and firmware, manage system changes, and assess the security impact of those changes. This role also includes preparing and reviewing security documentation such as System Security Plans, Risk Assessment Reports, Certification and Accreditation packages, and System Requirements Traceability Matrices, and supporting security authorization activities in compliance with the NIST Risk Management Framework.

• Must have the ability to support a program, organization, system, or enclave’s information assurance program by supporting senior Information Systems Security Officers and the Information System Security Manager in implementing, proposing, coordinating, enforcing, and ensuring compliance with information systems security policies, standards, and methodologies, while maintaining the appropriate operational Cybersecurity posture.
• Must possess the ability to assist with and perform the management of security aspects of information systems, including performing day-to-day security operations, maintaining the operational security posture of systems or programs, and obtaining system authorization for information systems under assigned purview.
• Must be capable of developing, maintaining, updating, and reviewing System Security Plans and other Cybersecurity documentation, including documentation required for security authorization in accordance with ODNI and DoD policies.
• Must have the ability to evaluate and assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information and to support security authorization activities.
• Must possess the ability to provide configuration management for security-relevant information system software, hardware, and firmware, manage and control system changes, assess the security impact of those changes, and maintain records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and system upgrades.
• Must be capable of planning and coordinating the implementation of information technology security programs and policies, tracking and ensuring appropriate user identification and authentication mechanisms for information systems, and ensuring ongoing compliance with system security policy.
• Must have the ability to provide daily oversight and direction to contractor Information Systems Security Officers and to interact with customers, information technology staff, and high-level corporate officers to define and achieve required Cybersecurity objectives.
• Must have eight years of combined work-related experience in the fields of information technology, cybersecurity, or security authorization, or twelve years of combined work-related experience if no bachelor’s degree is held, including experience in at least two areas such as current security tools, hardware and software security implementation, communication protocols, or encryption tools and techniques, and familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
• Must have a bachelor’s degree in Computer Science, Cyber Security, or IT Engineering, or four additional years of work-related experience may be substituted for the degree, and must be DoD 8570 compliant with IAM I.
• Active TS/SCI clearance with Polygraph is…