Information System Security Officer
Description:
In this role you will develops, maintain, and implement information security standards, procedures, and guidelines for applications and databases. In addition, you will ensure that systems and organizational databases are protected from unauthorized access and use, and monitor systems, identify threats, and handle disaster recovery operations.
What You'll Be Doing:
Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
Assists in the implementation of required government policy (e.g.,, NISPOM, DCID 6/3), and makes recommendations on process tailoring.
Performs analyses to validate established security requirements and recommends additional security requirements and safeguards where required.
Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
Periodically conducts a review of each system’s audits and monitors corrective actions until all actions are closed.
Demonstrates advanced subject matter expertise in job family.
Contributes to and may lead the planning and implementation of large programs in the function, and regularly interfaces with senior management and executive leadership.
Plays a role in overall functional strategic planning.
What Required Skills You'll Bring:
Active Top Secret/SCI with CI Polygraph.
Bachelor’s Degree and 8 years of related experience.
Certified Information Systems Security Professional (CISSP) certification.
What Desired Skills You'll Bring:
Strong leadership skills
Management experience