Information Systems Security Officer

Information Systems Security Officer (ISSO)

📍 Location: Fort Meade, MD
🔒 Clearance Required: TS/SCI with Full Scope Polygraph

Description:
Provides support for a program, organization, system, or enclave’s information assurance program. Supports the development, coordination, implementation, and enforcement of information systems security policies, standards, and methodologies. Maintains the operational security posture of an information system or program to ensure policies, standards, and procedures are properly established and followed.

Assists with managing the security aspects of information systems and performs day-to-day security operations. Evaluates security solutions to ensure compliance with requirements for processing classified information. Conducts vulnerability and risk assessments to support certification and accreditation (C&A) efforts. Provides configuration management (CM) for security software, hardware, and firmware. Manages system changes and assesses their security impact.

Prepares and reviews documentation including System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Supports security authorization activities in accordance with the NIST Risk Management Framework (RMF).

Responsibilities:

• Support senior ISSOs in enforcing information systems security policies and standards

• Assist with developing and maintaining security documentation

• Help evaluate security solutions for classified information systems

• Support configuration management for security software, hardware, and firmware

• Maintain system security records and update system components as needed

• Develop/maintain C&A documentation per ODNI and DoD policies

• Provide CM for security-relevant software/hardware

• Develop and enforce system security policies

• Maintain operational security posture

• Support ISSM in maintaining IA posture

• Develop and update SSPs and other IA documents

• Perform daily security operations tasks

• Manage user identification and authentication mechanisms

• Support and maintain system C&A status

• Plan and coordinate IT security programs and policies

• Manage change control and security impact assessments

• Serve as Approval Authority for assigned systems

Qualifications:

• 10 years of experience as an ISSO supporting similar programs

• Experience must include at least two areas:

  • Security tools knowledge

  • Hardware/software security implementation

  • Communication protocols

  • Encryption tools/techniques

• Bachelor’s degree in Computer Science or related field (or 4 additional years of ISSO experience)

• DoD 8570 IAM Level I (or higher) required

• Active TS/SCI with Full Scope Polygraph clearance