Missing Link Security
Information Systems Security Officer (ISSO) NARA
Missing Link Security, College Park, Maryland, us, 20741
DescriptionMissing Link Security is a government contractor with a mission to secure the nation’s information by increasing awareness, countering threat, mitigating risk, and enforcing compliance. We employ people who are passionate about the security of our country, our communities, and our information systems. If you are a cyber expert looking to join a dynamic and innovative team, we encourage you to apply to our open position.Clearance:
Top SecretOffice Location:
8601 Adelphi Road, College Park, MD 20740 (Min on-site: every Tuesday and Thursday)Travel up to:
5%Job Description:As an Information Systems Security Officer (ISSO) at NARA within the Security Support Services, you will be responsible for overseeing and ensuring the secure operation of NARA's information systems. This role involves collaborating with external vendors to enhance information security measures in compliance with security policies and practices outlined in NIST Publication 800-53, NARA Directive 202 (NARA Classified Information Security Program), and NARA Directive 804 (Information Technology Systems Security).Key Responsibilities:Collaborate:
Work closely with system owners to validate and authorize user accounts, ensuring that access is granted only to eligible individuals with a genuine need for the system.Security Controls Testing:
Conduct security controls testing to assess system security controls, processes, and procedures. Monitor and track security requirements throughout the entire system life cycle, covering operational and developmental projects.Security Documentation:
Generate and update various security documentation, including:Federal Information Processing Standard Publication 199 (FIPS 199) forms,System Security Plans (SSPs),Contingency Plans, Configuration Management Plans,Incident Response Plans, Plan of Actions & Milestones (POA&M),Business Impact Analyses (BIA), Privacy Impact Assessments (PIA),System-level policy and procedure documentation,System component inventory records.Incident Handling:
Actively respond to and track security incidents according to the NARA Computer Security Incident Handling Guide. Ensure that audit trails are regularly reviewed and retained for specified durations as defined in the SSP.Data Calls:
Promptly respond to data calls, such as requests from the Office of Inspector General (OIG) or Contracting Officer Representatives (COR), by providing the necessary security artifacts and information.Annual Tabletop Exercises:
Participate in annual Contingency and Incident Response Plan testing and documenting lesson-learned activities.Monthly ConMon Meetings:
Participate in monthly continuous monitoring activities with government Point of Contact in discussing monthly vulnerabilities and remediation plans.Minimum Qualifications:Proficiency in Xacta 360Strong knowledge of Office suite notably Excel.Bachelor's degree in Computer Science, Information Security, or related fieldRelevant professional certifications (e.g., CISSP, CISM, CISA) highly desirable.Strong knowledge of NIST security standards and NARA security directives (Five years)Previous experience in information systems securityAttention to detail and the ability to manage multiple tasks simultaneously.Must be motivated and results oriented.Effective written and oral communication skills.Missing Link Security does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.
#J-18808-Ljbffr
Top SecretOffice Location:
8601 Adelphi Road, College Park, MD 20740 (Min on-site: every Tuesday and Thursday)Travel up to:
5%Job Description:As an Information Systems Security Officer (ISSO) at NARA within the Security Support Services, you will be responsible for overseeing and ensuring the secure operation of NARA's information systems. This role involves collaborating with external vendors to enhance information security measures in compliance with security policies and practices outlined in NIST Publication 800-53, NARA Directive 202 (NARA Classified Information Security Program), and NARA Directive 804 (Information Technology Systems Security).Key Responsibilities:Collaborate:
Work closely with system owners to validate and authorize user accounts, ensuring that access is granted only to eligible individuals with a genuine need for the system.Security Controls Testing:
Conduct security controls testing to assess system security controls, processes, and procedures. Monitor and track security requirements throughout the entire system life cycle, covering operational and developmental projects.Security Documentation:
Generate and update various security documentation, including:Federal Information Processing Standard Publication 199 (FIPS 199) forms,System Security Plans (SSPs),Contingency Plans, Configuration Management Plans,Incident Response Plans, Plan of Actions & Milestones (POA&M),Business Impact Analyses (BIA), Privacy Impact Assessments (PIA),System-level policy and procedure documentation,System component inventory records.Incident Handling:
Actively respond to and track security incidents according to the NARA Computer Security Incident Handling Guide. Ensure that audit trails are regularly reviewed and retained for specified durations as defined in the SSP.Data Calls:
Promptly respond to data calls, such as requests from the Office of Inspector General (OIG) or Contracting Officer Representatives (COR), by providing the necessary security artifacts and information.Annual Tabletop Exercises:
Participate in annual Contingency and Incident Response Plan testing and documenting lesson-learned activities.Monthly ConMon Meetings:
Participate in monthly continuous monitoring activities with government Point of Contact in discussing monthly vulnerabilities and remediation plans.Minimum Qualifications:Proficiency in Xacta 360Strong knowledge of Office suite notably Excel.Bachelor's degree in Computer Science, Information Security, or related fieldRelevant professional certifications (e.g., CISSP, CISM, CISA) highly desirable.Strong knowledge of NIST security standards and NARA security directives (Five years)Previous experience in information systems securityAttention to detail and the ability to manage multiple tasks simultaneously.Must be motivated and results oriented.Effective written and oral communication skills.Missing Link Security does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.
#J-18808-Ljbffr