Information Systems Security Officer; ISSO

Pay:
Competitive

Employment type:

Full-Time

• Req#: 7022

** This position is contingent upon contract award**

SOSi is seeking an ISSO to support the US Army Reserve Command gg. The ISSO provides oversight, guidance, and technical support on IT and information system security issues affecting the mission by implementing common information system security practices, policies, and technologies. The candidate should also have an understanding of Contractor Program Security functions, responsibilities, and disciplines that comprise a strong Security Program.

• Maintain operational security posture for programs and information systems supporting an enterprise environment.
• Support and track customer security authorization activities.
• Perform vulnerability and risk assessment analyses to support authorization and accreditation processes.
• Prepare and review documentation such as System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrices (SCTMs).
• Conduct vulnerability and risk assessments.
• Review and evaluate IS policies and procedures periodically.
• Support IS security inspections, tests, and reviews.
• Maintain the IS Continuous Monitoring Plan, process hardware/software change requests, and conduct software due diligence.
• Review audit logs using tools like Splunk SIEM.
• Monitor weekly anti-virus updates and quarterly SCAP scans.
• Assist in remediating vulnerabilities and mitigating system risks.
• Prioritize, document, and measure risks related to system security.
• Work effectively in a small team environment.

• Bachelor’s degree with five (5) years of experience or five (5) years of relevant experience with required certifications in lieu of a degree.
• Active Secret Clearance.
• Valid Security+ CE Certification, meeting DoD Directive 8570.01-M requirements for Information Assurance Technical Level 2.
• Experience with the Risk Management Framework (RMF) process.
• Familiarity with Program Security responsibilities, including OPSEC, Program Protection, Personnel Security clearances, Security Training, and Classification management.
• Experience managing system General and Privileged User programs.
• Deep knowledge of network and information system security principles and testing practices.
• Experience with ICD 503, NIST publications, Intel Community Directives, DoD Issuances, etc.

• Typical office environment.

SOSi is a private, family-owned government services integrator working mainly in defense and intelligence sectors. Founded in 1989, we provide specialized analytical services to the U.S. law enforcement community and beyond.