ARA
Information Systems Security Officer (ISSO)
ARA, Raleigh, North Carolina, United States, 27601
Applied Research Associates (ARA), Inc. has an immediate need for an experienced Information Systems Security Officer (ISSO) for the Integrated Missions System Sector in Raleigh, NC. The ISSO will support the Information System Security Manager (ISSM) to ensure the appropriate operational security posture is maintained for multiple information systems and secure networks. The ISSO will continuously monitor that each system or network meets the Risk Management Framework (RMF) requirements and is kept up to date according to System Security Plans, the DAAPM/NISPOM, and applicable NIST Publications. In this position, the ISSO will build, configure and maintain systems that adhere to a collection of different government regulations.

What you'll do as an ISSO:

- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
- Generate and maintain required IS security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures
- Maintain day-to-day security posture and continuous monitoring of various classified systems
- Assist in ensuring compliance with the DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs), and Security Technical Implementation Guides (STIGs)
- Schedule, perform and maintain records of required IS auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threats/vulnerabilities and customer compliance requirements
- Develop and conduct test procedures for verification of Assessment and Authorization (A&A) & Risk Management Framework (RMF) safeguards to meet customer requirements based upon NISPOM, DAAPM and related NIST publications
- Assess changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities
- Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures
- Coordinate with Facility Security Officer (FSO) and Program Security Officers (PSO) to define, implement and maintain information security policies, strategies, and procedures
- Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents
- Assist ISSM with the development, documentation, and presentation of classified IS security education, awareness, and training activities
- Assist the ISSM with preparation for Defense Counterintelligence and Security Agency (DCSA) Security Vulnerability Assessments (SVA), Command Operational Readiness Assessments (CORA), and Other Government Agency (OGA) inspections
- Perform other duties as required

ISSO Requirements:

- U.S. citizenship and an active Secret clearance are required
- High School Diploma with 8-10 years of experience
- Have a strong understanding of computer operating systems (Windows and Linux), software, and computer hardware
- Ability to configure laptops/desktops/servers, install applications, set up network infrastructure, and troubleshoot as required
- 1 year of experience performing vulnerability assessments
- 1 year of experience conducting STIG/SCAP compliance scans (SCC)
- 2 years of experience working with Microsoft Active Directory and Group Policy Management
- Possess and maintain a DoD 8570 IAM-I level professional certification (i.e. Security+) or be able to obtain the certification within six (6) months of hire

ISSO Preferences:

- BS Degree with 2-4 years of experience
- Top Secret Clearance with SCI eligibility
- Strong organizational and administrative skills
- Strong interpersonal skills working with all levels of staff and customers
- Ability to work independently and exercise good judgment
- Strong written and verbal communication skills
- Maintain and adhere to a high level of confidentiality
- Possess the ability to multitask, prioritize workload, and be flexible
- Possess the ability to learn new systems and procedures quickly
- Proficient in IA Security specifications such as Risk Management Framework (RMF), NIST SP 800-53, DAAPM
- 2 years of experience with security assessment/hardening tools, i.e. STIGs, SCAP, ACAS, etc.
- Security+ Certification