Information System Security Officer – Isso

Information System Security Officer – Isso

Requirements

• Cybersecurity
• Information Security
• Network Management
• Security Policies
• System Security
• 4 + years of related experience
• In-depth knowledge of NIST, DoD, and DoA Cybersecurity and RMF policies, directives, instructions, manuals, and best business practices: NIST 800-53, FIPS 140-3/199/200/201, DHS 4300A SSA, RMF 2.0
• Well versed in Windows client OS, Windows Server 2019, Microsoft SQL 2019/2022, and Red Hat Enterprise Linux 7/8 with emphasis on AGM images
• Experienced with DA/NETCOM Risk Management Framework, particularly RMF 2.0; DISA Security Technical Implementation Guide (STIG) process; Assured Compliance Assessment Solution (ACAS) administration and vulnerability scanning: Tenable.SC security umbrella including Nessus Vulnerability Scanner and Nessus Network Monitor (NNM); Trellix ePolicy Orchestration (ePO) (ESS/ENS/HBSS) administration; domain administration to include active directory management, group policy object administration, client/host registry administration; experience with hypervisor and virtual machines, particularly VMware ESXi/vSphere/vCenter 6.7 or higher; familiarity with Microsoft Internet Information Services (IIS) and utilization of SolarWinds network management suite or similar network monitoring solution; and Microsoft SQL 2019/2022 database administration
• Experience with DoD/DA IAVM tracking, reporting, and implementation of cybersecurity best practices on formulating remediation guidance for supported platforms
• Provides oversight of RMF technicians, audits RMF technician actions, performs log collection and analysis in support of site security operations, and possess knowledge of the DoD/DoA Authority to Operate (ATO) / Authority to Connect (ATC) process and regulations
• Experienced with analyzing network security architectures and network design data flow diagrams that provide port, protocol, and service details
• General knowledge and diagnostic abilities to solve network/system/server/client technical problems associated with maintaining security boundary equipment across a complex network and adapting to support operations
• Strong written and verbal communication skills
• Work both autonomously and within a team environment
• IAM-II Baseline Certification in accordance with current DoDD 8140 (8570.1): CASP+, CISSP, CAP, CISM, CCISO required
• Secret Clearance required to start, must able to obtain and maintain TS/SCI

Responsibilities

• Coordinates directly with the Government ISSM, contractor ISSO-N, and Network Engineer to ensure the appropriate operational security posture is maintained and documented for MTC information systems
• Responsible for defining & implementing SOPs; implementing DoD, Department of the Army (DA), & MTC policies; creating & implementing plans of action and milestones (POA&M) in response to vulnerabilities identified during risk assessments, audits, & inspections
• Assures successful implementation and functionality of security requirements and appropriate IT policies/procedures that are consistent with the organization’s mission and goals
• Participates in special projects and performs additional duties as required to support customer requirements

Preferred Qualifications

• Experience with Cisco network equipment is preferred: including but not limited to: Cisco switches, routers, and Unified Call Manager