Information System Security Officer (ISSO)/ISSM

Job Type: Full Time

Location: Fort Meade, Md

Clearance: TS/SCI w/Polygraph

VMR Strategic is seeking an Information Systems Security Officer (ISSO) in Fort Meade, MD to support our client. The ISSO will develop, update, and submit the System Security Plan and other required documentation that make up the Security Authorization Package; The ISSO will conduct configuration management for security-relevant changes to software, hardware, and firmware; The ISSO will also Perform and deliver security impact analyses of changes to the system or its environment of operations.

Duties

• Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves;
• Provide guidance and technical expertise on all matters that impact or effect the security of the information system;
• Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis;
• Assess the effectiveness of system security controls on an ongoing basis to determine system security status; and
• Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments

Qualifications

Required education and experience:

• 10 years of related work experience in the field of security authorization. Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years’ experience
• DoD 8570 compliant IAM Level I certification, such as the CompTIA Security+ certification. A higher level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted
• Knowledge of the security authorization processes and procedures as defined in the Risk Management Framework NIST SP800-37
• Familiarity with the ICD503, CNSSI1253, NIST SP800-53, etc.
• Knowledge of commercial security tools and their uses
• Experience with hardware/software security implementations
• Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services
• Familiarity with security incident management, experience collaborating with Incident Response Teams
• Ability to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance
• Experience creating and presenting documentation and management reports
• Experience working with the XACTA IA Manager
• Ability to be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues
• Ability to be committed to continuous learning and system development because of the constant developing nature of cyber attacks
• Ability to quickly learn new concepts, data formats, and software
• Ability to be self-motivated, independent, detail oriented, responsible team player, and exhibit exceptional relationship management skills

Required Clearance

• TS/SCI with current polygraph

Working Environment

• Onsite