Job Description
Labor Category: Information System Security Officer
Level Minimum/General Experience:
· No Degree: 7 years of Cybersecurity & Federal Information Security Modernization Act (FISMA) experience
· Bachelor’s degree: 5 years of Cybersecurity & FISMA experience
· Master’s degree: 4 years of Cybersecurity & FISMA experience
· 1 Year of CSAM Experience
Functional Responsibility:
· Applies specialized knowledge of sensitive system Cybersecurity requirements and Privacy Act requirements.
· Applies specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with NIST’s Risk Management Framework and the Federal Risk and Authorization Management Program (FedRAMP).
· Applies specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, Federal Information Processing Standards (FIPS), and NIST guidelines.
· Knowledge of NOAA Information Security Policy Directives and Handbooks is preferred.
· Applies knowledge and experience with standard IA concepts, practices, and procedures. Works independently to solve problems quickly and completely.
· Specialized experience with three (3) of the following four (4) criteria is required:
o Vulnerability scanning execution, assessment, and analysis
o Operating system and network knowledge (i.e., Local Area Networks [LAN], Wide Area Networks [WAN], Cloud Infrastructures)
o Information security and assurance principles (e.g., Zero Trust) and associated supporting technologies
o Application security, database security, and network security
· Possesses the ability to assess and weigh current and evolving security threats in an operational environment.
· Possesses good oral and written communication skills.
· Team player who can collaborate with multiple stakeholders to arrive at the best solution.
· Experience with cloud environments and controls.
Minimum Education: Possesses one of the following professional security certifications or can obtain one within six (6) months of hire:
· Certified Information Systems Security Professional (CISSP)
· CompTIA Advanced Security Practitioner (CASP)
· CompTIA Security+ CE
· Certified Information Systems Auditor (CISA)
· Certified Information Security Manager (CISM)
Secret Clearance Preferred!
Labor Category: Information System Security Officer III
Minimum/General Experience:
· No Degree: 10 years of Cybersecurity & FISMA experience
· Bachelor’s Degree: 8 years of Cybersecurity & FISMA experience
· Master’s degree: 6 years of Cybersecurity & FISMA experience
· At least 1 Year of CSAM Experience
Functional Responsibility:
· Applies extensive knowledge of a variety of the Cybersecurity field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems.
· Applies extensive experience with the implementation of the NIST SP 800 family of publications, particularly those associated with NIST’s Risk Management Framework and FedRAMP.
· Applies extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements.
· Applies extensive experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines.
· Applies extensive knowledge and experience with all of the following criteria:
o Vulnerability scanning execution, assessment, and analysis
o Operating system and network knowledge (i.e., Local Area Networks [LAN], Wide Area Networks [WAN], Cloud Infrastructures)
o Information security and assurance principles (e.g., Zero Trust) and associated supporting technologies
o Application security, database security, and network security
· Relies on extensive experience and judgment to plan and accomplish goals.
· Works independently to solve problems quickly and completely.
· Possesses experience in supporting, monitoring, testing, and troubleshooting hardware and software IA problems.
· Possesses the ability to assess and weigh current and evolving security threats in an operational environment.
· Outstanding problem-solving and analytical skills, including the ability to create clear observations, analysis, and conclusions based on customer interviews and data.
· Team player who can collaborate with multiple stakeholders to arrive at the best solution.
Minimum Education: Possesses one of the following professional security certifications:
· Certified Information Systems Security Professional (CISSP)
· Certified Information Security Manager (CISM)
· Certified Ethical Hacker (CEH)
· CompTIA Advanced Security Practitioner (CASP)
· Systems Security Certified Practitioner (SSCP)
· Certified Information Systems Auditor (CISA)
Secret Clearance Preferred!