Information Systems Security Officer (ISSO)





The Information Systems Security Officer (ISSO) is a hands-on position that requires knowledge of information assurance principles and regulatory guidance to develop, certify, accredit, and maintain information systems that are integral to our customers, our business, and the success of our security program. The position is located at the company Headquarters in Fairfax, VA.

Duties and Responsibilities:
Provide input in developing and maintaining company and customer IT architectures.
Support the development, implementation, and management of a formal Information Security/Information Systems Security Program.
Contribute to the development and maintenance of an Information Systems Security/Education/Training/Awareness (SETA) program.
Assist with the development, implementation, and enforcement of Information Security Policies and Procedures.
Prepare, review, and oversee all Information Systems Security Plans (SSPs) and the Certification/Accreditation of each (IATOs and ATOs).
Help coordinate Information Security Inspections and Incident Response.
Ensure proper Protection and/or Corrective Measures have been taken when an Incident or Vulnerability has been discovered.
Perform Risk Assessments.
Conduct regular audits of systems; review event logs to detect security issues.
Apply patches to systems.
Support the maintenance of software applications, hardware, and specialized tools.
Conduct investigations and develop investigative reports when needed.
Provide training to system users on IS Security policies and procedures.
Research new technology and stay current with regulatory updates and releases.
Work in concert with the Facility Security Officer as required.
Liaise with client and oversight agency security authorities.

Minimum Requirements

This position requires an Active Top Secret Clearance and the ability to obtain SCI
Must be able to maintain a US Government security clearance
Bachelor’s Degree in a related field or corresponding certification
Minimum of 3 years of ISSO experience
Working knowledge of Information Security governing regulations (NISPOM Chapter 8, ICD-503, JAFAN, NIST 800-53, and ODAA Process Manual)
Extensive knowledge and administration of Windows-based environments
Practical knowledge of security technologies (encryption, data protection, privileged access)
CompTIA Security+ Certified

Desired Requirements

CISSP or CISM Certified
Defense Security Service (DSS) Chapter 8 Certification
Experience working with classified networks.
Experience with network engineering.