Information System Security Officer
Description:
The Information System Security Officer is responsible for collaborating with system owners and project managers to facilitate and provide guidance on obtaining Approval to operate through the customer's formal Risk Management Framework and the Assessment and Authorization process.
This role requires applying technical expertise to understand the complexities of network design and deployment methodologies. Additionally, the officer will assist in interpreting cybersecurity and data protection policies, guiding a small team of mission-focused network and systems engineers, as well as to other non-technical partners within the organization.
An active TS/SCI and polygraph clearance is required.
**Job Responsibilities**
- Understand and evaluate the requirements for approvals.
- Identify and comprehend the requirements necessary for the Accreditation and Authorization process.
- Familiarize yourself with the customer risk management framework and enterprise accreditation tools.
- Collaborate with ISSM staff to obtain policy guidance, ensuring a balance between achieving approval to operate and protecting systems from unauthorized disclosure.
- Work with ISSM to determine the appropriate level of information that can be stored in mandatory enterprise systems, in accordance with program guidelines.
- Create, coordinate, and submit all required artifacts for accreditation.
- Engage with on-site engineers and off-site vendors to provide advice and document security designs.
Collaborate with teams to ensure that adequate information security considerations are integrated.
Identify any deficiencies in INFOSEC practices within existing systems, and work to document, mitigate, or accept the risks associated with identified issues.
Advise the team about critical security vulnerabilities and system patches as they are released by vendors.
Monitor the deployment of security patches on systems.
Ensure that system scanning is conducted and is compliant with customer policies whenever possible.
Stay updated on critical vulnerabilities in customer platforms and convert them into patching requirements for system engineers. open and honest communication
Understanding of the customer's accreditation tools
Knowledge of the customer's Assessment and Authorization process
Experience working with customers' ISSM staff
An active TS/SCI and polygraph clearance is required.