STEM Solutions
ISSO
STEM Solutions, Fort George Meade, Maryland, United States,
Information System Security Officer (ISSO)
Description:
Provide support for a program, organization, system or enclave's information assurance program. Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assist with the management of security aspects of the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support security authorization. Provide configuration management (CM) for information systems security software, hardware, and firmware. Manage changes to system and assess the security impact of those changes. Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Position is responsible for:Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies.Assist with preparation and maintenance of documentationAssist in the evaluation of security solutions to ensure they meet security requirements for processing classified informationAssist with Configuration Management (CM) for information system security software, hardware, and firmwareMaintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgradesPropose, coordinate, and implement information systems security policies, standards, and methodologiesDevelop and maintain documentation for Security Authorization in accordance with ODNI and DoD policiesProvide CM for security-relevant information system software, hardware, and firmwareEnsure compliance with system security policyEvaluate security solutions to ensure they meet security requirements for processing classified informationMaintain operational security posture for an information system or programProvide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclaveDevelop and update the system security plan and other Cybersecurity documentationAssist with the management of security aspects of the information system and perform day-today security operations of the systemTrack and ensure appropriate user identification and authentication mechanism of the Information System (IS)Obtain system authorization for ISs under their purviewProvide support for a program, organization, system, or enclave's information assurance programPlan and coordinate implementation of IT security programs and policiesManage and control changes to the system assessing the security impact of those changesProvide daily oversight and direction to contractor ISSOsInteract with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectivesJob Requirements:
Qualifications:
Ten (10) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required. Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services. Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.Education/Experience:
Bachelor's degree in Computer Science, Cyber Security or IT Engineering is required.In lieu of a Bachelor's degree, four ( 4) additional years of work-related experience may be substituted.Clearance:
TS/SCI with FS Poly
Description:
Provide support for a program, organization, system or enclave's information assurance program. Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assist with the management of security aspects of the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support security authorization. Provide configuration management (CM) for information systems security software, hardware, and firmware. Manage changes to system and assess the security impact of those changes. Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Position is responsible for:Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies.Assist with preparation and maintenance of documentationAssist in the evaluation of security solutions to ensure they meet security requirements for processing classified informationAssist with Configuration Management (CM) for information system security software, hardware, and firmwareMaintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgradesPropose, coordinate, and implement information systems security policies, standards, and methodologiesDevelop and maintain documentation for Security Authorization in accordance with ODNI and DoD policiesProvide CM for security-relevant information system software, hardware, and firmwareEnsure compliance with system security policyEvaluate security solutions to ensure they meet security requirements for processing classified informationMaintain operational security posture for an information system or programProvide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclaveDevelop and update the system security plan and other Cybersecurity documentationAssist with the management of security aspects of the information system and perform day-today security operations of the systemTrack and ensure appropriate user identification and authentication mechanism of the Information System (IS)Obtain system authorization for ISs under their purviewProvide support for a program, organization, system, or enclave's information assurance programPlan and coordinate implementation of IT security programs and policiesManage and control changes to the system assessing the security impact of those changesProvide daily oversight and direction to contractor ISSOsInteract with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectivesJob Requirements:
Qualifications:
Ten (10) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required. Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services. Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.Education/Experience:
Bachelor's degree in Computer Science, Cyber Security or IT Engineering is required.In lieu of a Bachelor's degree, four ( 4) additional years of work-related experience may be substituted.Clearance:
TS/SCI with FS Poly