RAND Corporation
Information Systems Security Officer (ISSO)
RAND Corporation, Greendale, Wisconsin, United States, 53129
Information Systems Security Officer (ISSO)
RAND CorporationRAND is a nonprofit institution that helps improve policy and decision-making through research and analysis. RAND focuses on the issues that matter most such as health, education, national security, international affairs, and the environment.Position OverviewThe Information Systems Security Officer (ISSO) is responsible for providing compliance and oversight of all of RAND Corporation’s Authorization and Accreditation (A&A) requirements, maintaining policies and procedures in accordance with the Defense Intelligence Agency (DIA), Defense Counterintelligence Security Agency (DCSA), Intelligence Community (IC), and other Department of Defense (DoD) regulations as applicable. Additionally, the position manages the Sensitive Compartmentalized Information (SCI) and Special Access Program (SAP) Information Systems (IS) to ensure that all classified IS remain accredited.DutiesImplements, monitors and maintains RAND’s Security Manual and procedures for DoD, IC and SAP programs and other applicable government sponsor regulations.Enforces corporate policies to support ICD’s, DAAPM, JSIG and other CI standards.Enforces compliance with current Security Technical Implementation Guides (STIGs) for all applicable systems.Interfaces with and supports clients in the operation and security of the classified systems.Assists the ISSM in establishing, communicating, and improving the collateral and SCI/SAP Information Systems (IS) Security Program.Responsible for the preparation and sustainment for internal self-inspections.Assesses changes by performing periodic self-inspections, tests and reviews of the classified IS program to ensure that systems are operating as authorized/accredited.Participates in the planning, installation, implementation, upgrade, problem determination and resolution involving software programs, operating systems, computers, printers, scanners, etc. for collateral and SCI/SAP systems.Ensures protocols are followed for the investigation(s) and resolution of security incidents.Collaborates with the system and network administrators to ensure audit features are configured and enabled correctly.Performs weekly audits and ensures administrative inquiries/investigations into anomalies found during audit trail analysis are reported to the ISSM for follow-on actions.Develops and implements the System Security Plans (SSP) and addendums for the facility.Performs other duties as assigned.EducationHigh school diploma or GED required. BS/BA degree preferred.ExperienceWith a bachelor’s degree, at least three years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security is required. Without a bachelor’s degree, at least seven years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security is required.Basic QualificationsMust have and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM level 1 certification (e.g. Security+, GSLC, CISM, or CISSP).Possesses working knowledge of the DoD, DISA, ICDs and associated IC security regulations, policies, STIGs and laws.Possesses extensive working knowledge of multiple federal government network security processes and procedures.Technical background with understanding or hands-on experience in software development and web technologies.Organizational skills including attention to detail and multi-tasking skills.Is familiar with encryption technologies, forensics, penetration and vulnerability analysis of various security technologies and information technology security research.Possesses knowledge of Microsoft office products or similar software packages.Possesses a strong understanding of operating system (PC, Mac, Linux) and audit log aggregator software.Able to configure laptops/desktops, install applications, setup network infrastructure and troubleshoot as required.Possesses excellent oral and written communications skills required for correspondence, reports, briefings, and procedures.Must be able to lift 30 lbs.Must be able to pass a background check.Preferred QualificationsAt least five or more years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security leading other security professionals preferred.Experience working with federal/government agencies or defense contractors preferred.Experience interfacing with DIA or other government representatives as the ISSM/ISSO preferred.LocationPittsburghSecurity ClearanceMust meet eligibility requirements for access to U.S. government classified information.Positions OpenOneSalary Range : $85,700 - $127,500RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity.Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet.
#J-18808-Ljbffr
RAND CorporationRAND is a nonprofit institution that helps improve policy and decision-making through research and analysis. RAND focuses on the issues that matter most such as health, education, national security, international affairs, and the environment.Position OverviewThe Information Systems Security Officer (ISSO) is responsible for providing compliance and oversight of all of RAND Corporation’s Authorization and Accreditation (A&A) requirements, maintaining policies and procedures in accordance with the Defense Intelligence Agency (DIA), Defense Counterintelligence Security Agency (DCSA), Intelligence Community (IC), and other Department of Defense (DoD) regulations as applicable. Additionally, the position manages the Sensitive Compartmentalized Information (SCI) and Special Access Program (SAP) Information Systems (IS) to ensure that all classified IS remain accredited.DutiesImplements, monitors and maintains RAND’s Security Manual and procedures for DoD, IC and SAP programs and other applicable government sponsor regulations.Enforces corporate policies to support ICD’s, DAAPM, JSIG and other CI standards.Enforces compliance with current Security Technical Implementation Guides (STIGs) for all applicable systems.Interfaces with and supports clients in the operation and security of the classified systems.Assists the ISSM in establishing, communicating, and improving the collateral and SCI/SAP Information Systems (IS) Security Program.Responsible for the preparation and sustainment for internal self-inspections.Assesses changes by performing periodic self-inspections, tests and reviews of the classified IS program to ensure that systems are operating as authorized/accredited.Participates in the planning, installation, implementation, upgrade, problem determination and resolution involving software programs, operating systems, computers, printers, scanners, etc. for collateral and SCI/SAP systems.Ensures protocols are followed for the investigation(s) and resolution of security incidents.Collaborates with the system and network administrators to ensure audit features are configured and enabled correctly.Performs weekly audits and ensures administrative inquiries/investigations into anomalies found during audit trail analysis are reported to the ISSM for follow-on actions.Develops and implements the System Security Plans (SSP) and addendums for the facility.Performs other duties as assigned.EducationHigh school diploma or GED required. BS/BA degree preferred.ExperienceWith a bachelor’s degree, at least three years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security is required. Without a bachelor’s degree, at least seven years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security is required.Basic QualificationsMust have and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM level 1 certification (e.g. Security+, GSLC, CISM, or CISSP).Possesses working knowledge of the DoD, DISA, ICDs and associated IC security regulations, policies, STIGs and laws.Possesses extensive working knowledge of multiple federal government network security processes and procedures.Technical background with understanding or hands-on experience in software development and web technologies.Organizational skills including attention to detail and multi-tasking skills.Is familiar with encryption technologies, forensics, penetration and vulnerability analysis of various security technologies and information technology security research.Possesses knowledge of Microsoft office products or similar software packages.Possesses a strong understanding of operating system (PC, Mac, Linux) and audit log aggregator software.Able to configure laptops/desktops, install applications, setup network infrastructure and troubleshoot as required.Possesses excellent oral and written communications skills required for correspondence, reports, briefings, and procedures.Must be able to lift 30 lbs.Must be able to pass a background check.Preferred QualificationsAt least five or more years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security leading other security professionals preferred.Experience working with federal/government agencies or defense contractors preferred.Experience interfacing with DIA or other government representatives as the ISSM/ISSO preferred.LocationPittsburghSecurity ClearanceMust meet eligibility requirements for access to U.S. government classified information.Positions OpenOneSalary Range : $85,700 - $127,500RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity.Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet.
#J-18808-Ljbffr