Description

• Work with the IT/Security staff and Facility Security Officer (FSO) to ensure the highest level of security
• Familiar with Assessment and Authorization (A&A) process
• Maintain the Information Systems (IS) security program and policies for assigned area of responsibility
• Manage the oversight of operational IS security implementation policy and guidelines
• Oversee/conduct periodic testing to evaluate the security posture of the IS
• Ensure approved procedures are used for sanitizing and releasing system components and media
• Manage/assist with the development and implementation of an effective IS security education, training, and awareness program
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Assist the FSO and the Insider Threat Program Senior Official (ITPSO) in ensuring that insider threat awareness is addressed
• Oversee/assist with the maintenance and execution of the Information Security Continuous Monitoring (ISCM) plan
• Ensure user activity monitoring data is analyzed, stored, and protected in accordance with the ITPSO policies and procedures
• Ensure compliance of current Information Assurance (IA) policies, concepts, and measures when designing, procuring, adopting, and developing new IS
• Manage/assist with data transfer responsibilities in the IDT lab and in nearby US Government sites
• Possess technical competence commensurate with the complexity of the IS; must complete additional required training within one year of appointment
• Be familiar with program inception requiring new Classified Information Systems
• Manage requests that involve system and area co-utilizations and joint-use
• Lead a team of ISSOs and Security administrators through the RMF process and provide tasking to keep programs on schedule
• Other duties as assigned

• Bachelor’s degree in Computer Science, Information Technology, or equivalent
• 8+ years’ experience, preferably in a security position
• Meets DoD 8570.1 Certification Requirements for IAM level III (CISM, CISSP)

• Active Directory, networking, system functions, security policies, technical security safeguards, manual STIGs and operational security measures
• VMware VSphere, VMware View
• Linux (Red Hat), Windows Server
• National Industrial Security Program Operating Manual (NISPOM) requirements—and the ability to work with other ISSMs to implement and maintain systems per NISPOM standards
• Patch management
• Vulnerability Analysis
• Application of Data at Rest compliance
• COMSEC (Communications Security) experience and training a plus.
• Working knowledge of the Risk Management Framework (RMF) and associative standards and guidelines
• Working knowledge of Controlled Unclassified Information (CUI) and guidelines to include but not limited to 800-171 and Cybersecurity Maturity Model
• Ability to travel approximately 15%

• Excellent verbal and written communication skills
• Attention to detail with high level of accuracy and confidentiality
• Initiative, reliability, teamwork and customer service orientation
• Strong organization and planning skills