GENERAL JOB SUMMARY:
Responsible for the development and administration of information systems security procedures, compliance, auditing, security plan development, perform self-inspections, certify systems in accordance with the ICD 503 and NIST SP 800-53. Upon hire, the successful candidate must be willing to go through the process of obtaining a CI Poly.
ESSENTIAL JOB FUNCTIONS:
Enforce IA policy, guidance, and training requirements per AR 25-2 and identified BBPs.
Ensure implementation of IAVM dissemination, reporting, and compliance procedures.
Ensure all users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the IS.
Ensure users receive initial and annual IA awareness training.
Ensure log files and audits are maintained and reviewed for all systems and that authentication (for example, password) policies are audited for compliance.
Prepare, distribute, and maintain plans, instructions, and SOPs concerning system security.
Review and evaluate the effects on security of system changes, including interfaces with other ISs and document all changes.
Ensure that all ISs within their area of responsibility are certified, accredited and reaccredited.
Maintain and document CM for IS software (including IS warning banners) and hardware.
Pre-deployment or operational ISSOs will ensure system recovery processes are monitored and that security features and procedures are properly restored.
Pre-deployment or operational ISSOs will maintain current software licenses and ensure security related documentation is current and accessible to properly authorized individuals.
Tenant ISSOs will support and assist tenant IAMs (or the installation IAM if no tenant IAM exists).
Report security violations and incidents to the servicing RCERT in accordance with Section VIII, Incident and Intrusion Reporting.
Current active TS/SCI Clearance required
High School Diploma
3 years minimum on the job related experience needed
McAfee Host Based Security System (HBSS), Nessus, Security Center
Requires IAM level III; candidates must have one of the following: GSLC, CISM, CISSP or CISSP Associate