Information Systems Security Officer; ISSO Skill Level 1; Government

Overview

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers’ mission.

The scope of this Contract requires specialized expertise in areas such as high-performance computing (HPC), automated processing systems, distributed software design, and secure hosting and networking solutions. The IT infrastructure consists primarily of Linux. The environment includes a variety of network devices, server interconnections, mass storage solutions, and essential supporting infrastructure services. The services provided under this Contract support areas including HPC, infrastructure maintenance for HPC systems, networking, office automation, and the development of specialized software.

AT&T has an opening for an Information Systems Security Officer to support information assurance programs and ensure the security posture of mission critical systems. The ISSO will play a key role in supporting security authorization activities in alignment with program and government requirements.

The Information Systems Security Officer (ISSO) supports the Information System Security Manager (ISSM) and senior ISSOs in implementing and enforcing information systems security policies, standards, and methodologies. The ISSO helps maintain the security posture of classified information systems, supports Risk Management Framework (RMF) activities, manages security-relevant configuration control, and develops and maintains cybersecurity documentation in accordance with ODNI and DoD requirements.

Work to be performed at government customer site.

• This position requires office presence a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
• Support senior ISSOs in implementing and enforcing information systems security policies, standards, and methodologies.
• Maintain the operational security posture of classified information systems, including support for continuous monitoring activities.
• Develop system security policy and ensure compliance with applicable requirements.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Assist with the management of security aspects of information systems and perform day-to-day security operations.
• Administer user identification and authentication mechanisms for information systems, including privileged user oversight.
• Provide configuration management (CM) for security-relevant information system software, hardware, and firmware; coordinate and assess security impact of changes.
• Maintain records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and related components, including system upgrades.
• Develop, update, and maintain RMF/IA documentation (e.g., SSP) and supporting artifacts; keep documentation accurate and audit-ready.

• RMF and RMF toolsets (e.g., LATTEART, XACTA, BISCOTTI, WATCHCAT, STE).
• Compliance and configuration scanning tools (e.g., SCAP-based and host/network scanning solutions).
• Working knowledge of NIST SP 800-53 (Rev. 3 and/or Rev.
  5) and NIST SP 800-37; understanding of the full RMF lifecycle, including Authority to Operate (ATO) and continuous monitoring.
• Security documentation development and maintenance (e.g., SSP, POA&M, Security Plan for Exceptions/waivers, BIA, Configuration Management Plan (CMP), After Action Report (AAR), Contingency Plan (CP), Security Assessment Report (SAR), Risk Assessment Report (RAR)).
• Strong collaboration with System Administrators (SA), System Owners, and other stakeholders to implement controls, manage change, and sustain compliance.
• Experience supporting information assurance/cybersecurity operations for systems processing classified information.
• Hands-on experience with RMF execution, security control implementation, and security authorization (ATO) support.
• Experience producing and maintaining RMF artifacts and supporting audits, assessments, and continuous monitoring activities.
• Ability to support control selection/tailoring and coordinate security control assessments with technical and program stakeholders.
• Strong written communication skills to produce clear, complete, and compliant security documentation.
• Ability to coordinate across ISSM/ISSO, system owners, engineering, and operations teams to implement controls, manage change, and sustain compliance.

TS/SCI with polygraph. (#ts/sci) (#polygraph)

Five (5) years of experience as an ISSO on programs and contracts of similar scope, type; and complexity is required. Bachelor's degree in Computer Science or related discipline from an accredited college or university is…