Address
Form of workThe ISSO is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This also will include physical and environmental protection, personnel security, incident handling, and security training and awareness.
It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts.
The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include:Assist the ISSM in meeting their duties and responsibilitiesPrepare, review, and update authorization packagesEnsure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and mediaNotify ISSM when changes occur that might affect the authorization determination of the information system(s)Conduct periodic reviews of Information Systems to ensure compliance with the security authorization packageCoordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the changeMonitor system recovery processes to ensure security features and procedures are properly restored and functioning correctlyEnsure all IS security-related documentation is current and accessible to properly authorized individualsEnsure audit records are collected, reviewed, and documented (to include any anomalies)Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned dutiesExecute the cyber security portion of the self-inspection, to include provide security coordination and review of all system assessment plansIdentify cyber security vulnerabilities and assist with the implementation of the countermeasures for themPrepare reports on the status of security safeguards applied to computer systemsPerform ISSO duties in support of in-house and external customersConduct security impact analysis activities and provide to the ISSM on all configuration management changes to the authorization boundariesThorough knowledge of Microsoft Windows 2012R2 Server, Microsoft Exchange Server 2010/2016, Microsoft Windows 7/10 operating systems (OS) administration and associated hardware.Thorough knowledge of CISCO network and switching and routing.Thorough knowledge of virtualization technologies such as VMware 6.5 and VDI.Working knowledge of Active Directory, Group Policy, and security hardening.Working knowledge of Local Area Network (LAN) and Wide Area Network (WAN) technologies and data backup technologies to include communication security (COMSEC) integration.Working knowledge of Risk Management Framework, Common Criteria, and System Security Policy as they relate to C&AThorough knowledge of and current relevant experience with PL1 & PL2 systems; experience with PL3 & PL4 cross domain solutions is a plusMust having working knowledge of DoD, National and applicable service and agency security policy, manuals and standards. Ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partnersMust be able to regularly lift up to 50 lbs.Experience:10 - 12 years related experience, SAP experience requiredPrior performance in roles such as ISSO, ISSM, SCA or SAP IT DirectorEducation:Bachelor’s degree in a related area or equivalent experience (4 years)Certifications:IAT Level II - required to Start (Security+ CE, CCNA Security, etc.)Security Clearance:TS/SCI requiredMust be able to Attain – TS/SCI with CI Polygraph #GDITpriority #AirforceSAPOpportunities
