
Information Systems Security Officer, Mid in Arlington, VA at Booz Allen Hamilton Inc.

Date Posted: 12/5/2018

Job Description

Job Number: R0042939

Information Systems Security Officer, Mid

Key Role:

Serve as an Information Systems Security Officer (ISSO). Assist with the certification and accreditation (C&A) of standalone computers and networks. Gather the information necessary to maintain security and establish functioning external barriers, including firewalls and other security measures. Review systems to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades. Maintain responsibility for managing Cybersecurity risks from a business and agency perspective. Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.

Basic Qualifications:
-5 years of experience with providing security guidance and IS validation using National Institute of Standards and Technology (NIST) RMF, DoD, and local security policies
-Experience with providing configuration management (CM) for information system security software, hardware, and firmware and coordinating changes and modifications with the information system security manager (ISSM), security control assessor (SCA), and authorizing official (AO)
-Experience in reviewing system security audit logs and leveraging network scanning software to perform vulnerability or risk assessment analysis for the RMF, including maintaining vulnerability scanning tool compliance, such as the Host-Based Security System (HBSS) or Assured Compliance Assessment Solution (ACAS), and patch management, such as Information Assurance Vulnerability Management (IAVM), to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, managing system changes, and assessing the security impact of those changes
-Experience in interfacing with information assurance managers, including reviewing documentation, such as systems security plans (SSPs), risk assessment reports, C&A packages, and Plans of Actions and Milestones (POA&Ms)
-Ability to manage Cybersecurity activities that must be performed by system owners, including annual refresher CS training or awareness briefings, or that require a personal interface, including incident response or data transfers
-Ability to support security authorization activities, including transitioning from the legacy DoD Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoD RMF
-Secret clearance
-BA or BS degree
-DoD IAM or IAT Level II Certification

Additional Qualifications:

-DoD IAM or IAT Level III Certification

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.
