Logo
Cape Fox Corporation

Information Systems Security Officer (ISSO)

Cape Fox Corporation, Arlington, Virginia, United States, 22201


Information Systems Security Officer (ISSO) - (7628)

Job Title:

Information Systems Security Officer (ISSO)Work Location:

Reston, VA; work may also be performed at locations in the Washington, DC National Capital Region (NCR).The DIA SCS has a requirement for A&AS support to provide independent and objective services for the implementation and sustainment of SCS sensor system information security compliance, and Tasking, Collection, Processing, Exploitation, and Dissemination (TCPED) systems information security compliance. SCS has a requirement to support independent reviews, analyses and inputs for complex technical SDA TCPED systems, current and future IT initiatives, information security best practices, and advancements in accordance with the DIA Risk Management Framework (RMF).Cape Fox is seeking a highly qualified Information Systems Security Officer (ISSO) to join our team in support of a government customer. The ISSO will be responsible for providing the knowledge, skills, abilities, staff support, and other related resources necessary to conduct or support the following Risk Management Framework (RMF) related services: prepare, categorize information systems, select security controls, implement security controls, assess security controls, provide recommendation to the authorizing official, monitor security controls, and other RMF related services.Core Duties:Conduct research, develop, implement, test, and review the application information security IAW DoD/National Institute of Standards and Technology (NIST) RMF+ requirements in order to protect information and prevent unauthorized access.Coordinate with the contractor team regarding security measures, explain potential threats, implement security measures, and monitor applications in order to meet or exceed all DoD/NIST RMF+ requirements, resulting in faster and more accurate software releases.Responsibilities also include physical and environmental protection, personnel security, incident handling, and security training and awareness.In close coordination with the Information System Security Manager (ISSM) and Information Systems Owner (ISO), the ISSO plays an active role in monitoring a system and its environment of operation to include developing and updating the System Security Plan (SSP), managing and controlling changes to the system, and assessing the security impact of those changes.Ensure the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO.Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.Maintain required IA certifications.Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the Information System (IS).Report all security-related incidents through appropriate channels.Conduct periodic reviews of information systems to ensure compliance with the security authorization package.Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization.Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.Ensure all IS security-related documentation is current and accessible to properly authorized individuals.Ensure audit records are collected, reviewed, and documented (to include any anomalies).Travel Requirements:

0 - 10%Requirements:Bachelor's degree in computer science, mathematics, engineering, or five years of comparable work experience.Eight or more years of ISSO experience is highly desired.Candidates must have, or be able to obtain, DOD 8570 certification for Info Assurance Management (IAM) level III. Prefer candidates who hold Certified Information Systems Security Professionals (CISSP) credential and possess acute knowledge and practical experience of DoD 8510 and NIST 800-53 RMF+.Candidate must be analytical and able to troubleshoot and prioritize needs, requirements, and other issues.Excellent communication, teamwork, and conflict management skills.Expertise in risk-based Assessment and Authorization (A&A) for information systems security.Possesses ability to meet and operate under deadlines.Knowledge and experience with DevSecOps and C2S are required for at least one ISSO on contract.Expertise with configuration management, system maintenance, and integration testing.Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data.Expertise in forensics chain of custody and evidentiary preservation.Demonstrated proficiency in successfully guiding complex information systems through A&A control gates.Expert ability to establish and maintain effective internal and external working relationships with government and contractor program managers, security professionals, and mission partners.Demonstrated ability to work independent of close supervision.Must have Active Security Clearance status of Top Secret/Sensitive Compartmented Information (TS/SCI) with a Counter Intelligence (CI) polygraph test.

#J-18808-Ljbffr