Security/Facility Security Officer (FSO)

Information Systems Security Officer (ISSO)


SRC, Inc. is currently seeking an information systems security officer (ISSO). As an ISSO, you will ensure that operational security is maintained for SRC's information systems (IS) in accordance with internal security policies and our system security plan.

 

Responsibilities

  • Ensure systems are operated, maintained and disposed of in accordance with internal security policies and the system security plan
  • Ensure that all users have the requisite security clearances, authorization need-to-know, and are aware of their security responsibilities before being granted access to IS
  • Report all security-related incidents
  • Initiate protective or corrective measures when security incident or vulnerability is discovered
  • Develop and maintain a system security plan (SSP)
  • Conduct periodic reviews to ensure compliance with SSP
  • Ensure configuration management for security-relevant IS software, hardware and firmware is maintained and documented
  • Ensure system recovery processes are monitored to ensure security features and procedures are properly restored
  • Ensure all IS security-related documentation is current and accessible to properly authorized individuals
  • Formally notify the appropriate individuals when changes occur that might affect accreditation
  • Ensure that system security requirements are addressed during all phases of the system life cycle
  • Follow procedures for authorizing software, hardware and firmware use before implementation on the system
  • Create/provide security education and awareness training to cleared employees

 

Position Requirements

  • Bachelor’s degree and three (3+) years related secure information system experience, or any equivalent combination of education, training and experience in lieu of degree
  • Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
  • Hold U.S. government security clearances/access approvals commensurate with level of information processed by the system
  • Administrative knowledge of Microsoft operating systems
  • Strong documentation skills
  • Experience with LINUX variants such as CentOS
  • Strong customer service skills
  • CISSP, Security +, ISP certification a plus
  • Working experience with RMF, ICD 503, CNSSI 1253, NIST SP 800-53/53A, STIGs, NISPOM Chapter 8, DAAPM Manual

  • Location Syracuse, New York
  • Employment Type Full-Time Salaried
  • Experience Required 3+ Years
  • Education Required Bachelors Degree
  • Security Clearance Requirement Secret
  • Travel % 10