This ISSO provides support for a program, organization, system, or enclave's information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies, standards and procedures are established and followed. Assists with the management of security aspects of the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assess the security impact of those changes.
|Familiarity with NIST RMF lifecycle, from cradle to grave.|
Knowledge of CNSSI 1253
Understand the need/importance of an SSP
Understand what is included within an accreditation package
Understand Agency Access Control architecture
Experience with / knowledge of any/all of the following: (XACTA: GATEKEEPER; CASPORT; BISCOTTI; LATTEART; DARKROAST; ROCBLASTER; SEAR; KNIGHTSUPREME.
Experience in the customer environment
Understanding of entitlements, ECI's and COI's
Moderate technical knowledge - e.g. understanding of networking, DNS, Cloud principles, VM's, Servers etc.
Team player, individual contributor, strong work ethic
Excellent verbal written communications skills.
A TS/SCI security clearance with polygraph.
10 years experience