Information Systems Security Officer Level 2

The candidate will be responsible for security architecture and systems engineering supporting projects (primarily MFAMS, TITUS and JBlocks). The ISSO will provide guidance to the team to support system accreditation (IATT and ATO).  

ISSO tasks include:

• Develop and maintain System Security Plans (SSPs).


• Work with ISSM and DAOs to ensure systems obtain and maintain accreditation.


• Apply continuous monitoring techniques to evaluate the systems security posture


• Create tasking for developers and system administrators as changes and patching are required.


• Ensure security policies, practices, and procedures are implemented.


• Track Plans of Actions and Milestones (POA&M)


• Review Audit Logs


• Perform Data transfers.

• Experience with:
  
  
  
  • The ICD 503/NIST 800-53 certification and accreditation process
  
  
  • The Risk Management Framework
  
  
  • Developing and maintaining SSPs
  
  
  • IAVA review and handling
  
  
  • Interpreting Security Scan results
  
  
  • Interfacing with System Administrators and Software Engineers
  
  
  • Task tracking systems (e.g. Jira, Redmine, ServiceNow)
  
  
  
  


• Understands:
  
  
  
  • Public Key Infrastructure-based authentication
  
  
  • A variety of security policies, especially within the IC
  
  
  • fundamentals of technical security risk assessment
  
  
  • Understands how to perform analysis of alternatives
  
  
  
  


• Able to clearly communicate ideas and status updates to management and other stakeholders.