Information Systems Security Officer (ISSO)

Intelligence Analysis Alexandria, Virginia Job ID: 2017-48


Description

STG, Inc. has an immediate opportunity as an Information Systems Security Officer (ISSO) located in Alexandria Virginia. This position will support Customs and Border Patrol, which provides cutting edge Information Assurance and Security Services.

 

Information Systems Security Officer (ISSO) and the Subject Matter Expert (SME) to evaluate the security Posture of the systems and report findings continuously to management.  

Authorization To Operate (ATO): Provide support and actions required services to complete required ATO activities on designated software systems.

 

Plan of Action and Milestones (POA&M): support for review of select controls, using an automated self-evaluation remediation and tracking tool. Identified vulnerabilities will be addressed as part of the POA&M process.

 

Generating FISMA related documentation using Information Assurance Compliance System (IACS) to complete and update of the automated security self-evaluation and remediation tracking questionnaire regarding system controls.

 

Contingency Drills: support services to complete the necessary updates and reports for the required annual Contingency Plan Test as well as Agency wide annual DR exercise drill.

 

Document the framework and guidance needed to unify the existing IT Security elements into a cohesive, centrally managed, responsively Governance Organization. Specify the IT Security policies, processes and initiatives that will reinforce the governance.

 

Minimum Qualifications:

Clearance: 

  • Position requires a CBP security clearance

 

Required Skills:

  • Must be a US citizen in order to be eligible for the CBP clearance (good credit)
  • 5-10 years of experience directly performing Certifications and Accreditations.
  • Working knowledge of general Information Assurance (IA) requirements, processes, mechanisms, techniques, and methodologies.
  • General knowledge of the FISMA guidelines.
  • Specific knowledge of NIST guidelines, including FIPS-199, Special Publication 800-53, 800-18, 800-30, 800-37, 800-60.
  • Experience Conducting Risk Assessments.
  • Understanding on network management and configuration concepts.
  • Background using and interpreting results from Vulnerability Assessment tools.
  • Specific knowledge of network and systems security.
  • General knowledge of OMB regulations, including OMB A-130.
  • Ability to analyze and define Automated Information Security (AIS) requirements.
  • Working knowledge of determining security categorization for a variety of information types.
  • Ability to perform risk assessments and security audit services.
  • General knowledge of Disaster Recovery concepts
  • General knowledge of Contingency Planning concepts.
  • Excellent analytical skills required.
  • Excellent oral and written communication skills required.
  • Ability to work independently and in a team environment.
  • Knowledge and experience Risk Management Framework (RMF)
  • Completion of specialized IT Security training programs or courses desirable.

 

  • English fluency. Written and verbal.

 

 

Education:

  • BS/BA in Computer Science or directly related field (e.g., Information Technology, Information Science, etc) +10 years of related experience OR in lieu of degree, an addl. 4 years of technical experience is required.

 

Certification Requirements:

  • n/a

 

Preferred Qualifications:

  • CBP clearance or current DoD Security clearance

 

Desired Skills:

  • Masters Degree