Information Systems Security Officer, Mid

Key Role:

Assist with the certification and accreditation (C&A) and Assessment & Authorization (A&A) of standalone computers and networks and perform steps 1-3 of the Risk Management Framework in accordance with NIST SP 800-37. Work with Information System Owners (ISOs) to complete system categorization, select security controls, and perform self-assessments. Utilize the (RMF) Enterprise Mission Assurance Support Service (eMASS) to upload artifacts and select security controls. Research, develop, implement, test, and review an organization's information security in order to protect information and prevent unauthorized access. Identify organization risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. Gather the information necessary to maintain security and establishes functioning external barriers, including firewalls and other security measures. Review systems to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades.
 

Basic Qualifications:

  • 5 years of experience with developing Risk Management products and working through system accreditations

  • 2 years of experience as an ISSO

  • 2 years of experience with selecting and assessing security controls

  • Experience in interfacing with information assurance managers, including reviewing documentation, including systems security plans (SSPs), risk assessment reports, accreditation packages, and Plan of Actions and Milestones (POA&Ms)

  • Active TS/SCI clearance

  • BA or BS degree

  • DoD IAT Level II 8140/8570 certification

Additional Qualifications:

  • Experience with ISO 27001 or IT auditing

  • Experience with eMASS

  • Experience with providing configuration management (CM) for information system security software, hardware, and firmware

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

JSP1

Not ready to apply? Join our talent community and sign up for job alerts.