Information Systems Security Officer I with TS/SCI Full Scope Poly

Full Time

Job Description


Information Management Group, Inc. (IMG), founded in 1987, is a fast growing, debt-free small business specializing in the analysis, design, and application of information technology and communications solutions for government and commercial organizations worldwide. We're committed to helping our clients use technology to be more efficient, effective, and productive. For over 35 years, IMG has brought integrity, industry expertise, and technical excellence to every project. Above all, we believe that at the core of our success stands our people.

IMG is hiring a full-time Information Systems Security Officer with TS/SCI FSP at its Columbia, MD location.


The Information System Security Officer II provides support for a program, organization, system, or enclave's information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment & Authorization (A&A) packages, and System Controls Traceability Matrices (SCTMs). Supports security authorization activities in compliance with the NIST Risk Management Framework (RMF) and any DoD and IC tailored requirements.

Key tasks include:
  • Plan and coordinate the IT security programs and policies
  • Manage and control changes to the system and assessing the security impact of those changes
  • Obtain A&A for ISs under their purview
  • Provide support for a program, organization, system, or enclave's IA program
  • Serve as the Approval Authority to validate or approve user authorization for accounts associated with systems under their control
  • Understand the authorization boundary of systems
  • Collaboration with System and Network administrators to understand and document data flow and architecture diagrams
  • Knowledge of security controls, the assessment and applicability to systems
  • Maintain operational baseline of systems under their purview
  • Provide ongoing Continuous Monitoring to assigned systems
  • Provide and validate the operational security posture of systems and ensure they are maintained
  • Ability to initiate the reauthorization process of a system that needs reaccreditation
  • Ability to decommission a system when it is no longer required
  • Manage risks while assigned system is in operation
  • Ability to acknowledge and respond to IAVAs and create liens as necessary
  • Ability to understand the POA&M process as well as track and closeout any outstanding liens
  • Perform, coordinate and document security relevant changes
  • Perform vulnerability assessments to ensure updates and system baseline are enforced
  • Recognize a possible security violation and take appropriate action to report the incident
  • Manage protective or corrective measure when an IA incident or vulnerability is discovered
  • Provide security and awareness oversight and/or training as required
  • Review of audit reduction tools to monitor and review systems for compliance with IA policy
  • Candidate may be required to respond to after-hours requests as required in a 24 x 7 environment


Clearance Required: TS/SCI with Fullscope Poly

Certifications Required:
  • DoD 8570 compliance with Information Assurance Management (IAT) Level I or higher is required.
  • Any of the following or higher certification; A+ with Continuing Education, Cisco Certified Network Associate-Security (CCNA-Security), Network+ Continuing Education, System Security Certified Practitioner (SSCP)

Education/Years of Experience: Five (5) years' experience as an ISSO on programs and contracts of similar scope, type, and complexity is required. Bachelor's degree in Computer Science or related discipline from an accredited college or university is required. Four (4) years of additional experience as an ISSO may be substituted for a bachelor's degree.

Experience is to include at least one (1) of the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools.

COVID-19 Regulations: As required by Executive Order 14042 and the guidance provided by the Federal Workforce Task Force, all federal contractor employees are required to be fully compliant with customer COVID-19 regulations. IMG will provide additional information regarding these requirements and how you can request an exception if needed.

  • Health, dental, vision, and life insurance
  • Short term and long term disability insurance
  • 401(k) with generous company match
  • Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA)
  • 15 days of personal leave plus paid federal holidays
  • Professional development and training assistance

Information Management Group, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Dice Id : 10119051
Position Id : 4753
Originally Posted : 2 months ago
Have a Job? Post it