Information System Security Officer (ISSO)- SECRET CLEARANCE

Job Description

Information System Security Officer (ISSO)

Must have Secret clearance

Contract: Air Defense Communication Service (ADCS)

The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system..

Qualifications:

Bachelor’s degree in computer science, Information Systems, or a related field, or equivalent years of experience. Minimum of 7 years of experience in information security or 5+ years with BA/BS.

Possess and maintain a minimum of IAM level III certification IAW the DoD directive 8140.01 Cyberspace Workforce Management such asCISSP, CISM, or CASP.

Strong understanding of information security principles, practices, and technologies.

Experience with security frameworks such as NIST, ISO 27001, and HIPAA.

Hands-on experience with security tools and technologies, such as firewalls, intrusion detection/prevention systems, and vulnerability scanners.

Preferred Qualifications:

Experience with implementing and managing security tools and technologies, including firewalls, intrusion detection/prevention systems, anti-virus software, and data loss prevention solutions.

Experience and training with Microsoft Server 2016/ 2019 or newer to include Active Directory, Radius, Cisco Identity service engine, DNS and Group Policy

Experience and training with virtual environments (VMware, Hyper-V, etc.)

Familiar with maintaining and operating SQL server, tenable security center (ACAS) Scans, and Microsoft endpoint security,

Experienced in applying patches/updates and STIGs

Familiar with eMASS

How to upload STIG and ACAS scans.

How to manage Plan of Action and Milestones

Experience with Cyber Security Service Provider implementation

Experience with DoD Cyber Protection Team

Responsibilities:

Support the ISSM to define, create, and maintain the documentation for certification and authorization of the Air Defense Communication Service (ADCS) system in accordance with requirements.

Assess the impacts on system modifications and technological advances.

Develop, implement, and maintain information security policies, procedures, and standards in accordance with industry best practices and regulatory requirements (e.g., NIST, ISO 27001, etc.).

Conduct regular security assessments, vulnerability scans to identify and mitigate security risks.

Monitor security logs and alerts for suspicious activity and respond to security incidents in a timely and effective manner.

Collaborate with IT and business stakeholders to ensure security requirements are integrated into all phases of the system development lifecycle.

Maintain up-to-date knowledge of current and emerging security threats and vulnerabilities.

Participate in security audits and assessments conducted by internal and external parties.

Develop and maintain disaster recovery and business continuity plans.

Manage and maintain security documentation, including incident reports, risk assessments, and security policies.

Stay abreast of current industry best practices and regulatory requirements related to information security.

Full-time