Secret Cleared Information System Security Officer (ISSO)

JOB TITLE: Secret Cleared Information System Security Officer (ISSO)
JOB LOCATION: Tyndall Airforce Base
WAGE RANGE*: $58hr to $60hr
JOB NUMBER: RQ198818

REQUIRED EXPERIENCE:

Information System Security Officer (ISSO)
Security Clearance Level: Secret
Possess and maintain a minimum of IAM level III certification IAW the DoD directive 8140.01 Cyberspace Workforce Management such as CISSP, CISM, or CASP.
Minimum of 7 years of experience in information security or 5+ years with BA/BS.
Cybersecurity, Information System Security, Risk Management

JOB DESCRIPTION

Our client is seeking a highly motivated and experienced Information System Security Officer (ISSO). This position will be responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system.

Includes physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is supporting Department of Defense (DoD) agencies, such as HQ Air Force and (AFNORTH) efforts. The position will provide "day-to-day" support for Collateral activities.

Responsibilities:

• Support the ISSM to define, create, and maintain the documentation for certification and authorization of the Air Defense Communication Service (ADCS) system in accordance with requirements.
• Assess the impacts on system modifications and technological advances.
• Develop, implement, and maintain information security policies, procedures, and standards in accordance with industry best practices and regulatory requirements (e.g., NIST, ISO 27001, etc.).
• Conduct regular security assessments, vulnerability scans to identify and mitigate security risks.
• Monitor security logs and alerts for suspicious activity and respond to security incidents in a timely and effective manner.
• Collaborate with IT and business stakeholders to ensure security requirements are integrated into all phases of the system development lifecycle.
• Maintain up-to-date knowledge of current and emerging security threats and vulnerabilities.
• Participate in security audits and assessments conducted by internal and external parties.
• Develop and maintain disaster recovery and business continuity plans.
• Manage and maintain security documentation, including incident reports, risk assessments, and security policies.
• Stay abreast of current industry best practices and regulatory requirements related to information security.

Qualifications:

• Bachelor's degree in computer science, Information Systems, or a related field, or equivalent years of experience.
  • Minimum of 7 years of experience in information security or 5+ years with BA/BS.
• Security Clearance Level: Secret
• Possess and maintain a minimum of IAM level III certification IAW the DoD directive 8140.01 Cyberspace Workforce Management such as CISSP, CISM, or CASP.
• Strong understanding of information security principles, practices, and technologies.
• Experience with security frameworks such as NIST, ISO 27001, and HIPAA.
• Hands-on experience with security tools and technologies, such as firewalls, intrusion detection/prevention systems, and vulnerability scanners.

Preferred Qualifications:

• Experience with implementing and managing security tools and technologies, including firewalls, intrusion detection/prevention systems, anti-virus software, and data loss prevention solutions.
• Experience and training with Microsoft Server 2016/ 2019 or newer to include Active Directory, Radius, Cisco Identity service engine, DNS and Group Policy
• Experience and training with virtual environments (VMware, Hyper-V, etc.)
• Familiar with maintaining and operating SQL server, tenable security center (ACAS) Scans, and Microsoft endpoint security,
• Experienced in applying patches/updates and STIGs
• Familiar with eMASS
  • How to upload STIG and ACAS scans.
  • How to manage Plan of Action and Milestones
• Experience with Cyber Security Service Provider implementation
• Experience with DoD Cyber Protection Team

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities

* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.

#CJ #Dice