Information System Security Officer(ISSO) I
Chiron Technology Services, Inc. - , MD
Apply NowJob Description
Chiron Technology Services, Inc. currently has an Information System Security Officer I career opportunity in the Annapolis Junction, MD area. An active TS/SCI w/Polygraph Clearance is required for this position.Requirements:Minimum 5 continuous years of work experience in Information Systems Security or a related field.Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university. Four (4) years of additional ISSO experience may be substituted for a Bachelor's degree.Qualifications:Conduct continuous monitoring of authorized, operational information systems (IS) to assess the effectiveness of security controls in an information system, on an ongoing basis, to determine system security status, which includes:Conducting configuration management and assist the Government with the control of information system componentsProviding security impact analyses of changes to a system or its environment of operationConducting ongoing assessments of security controlsRecommend security policies to the Government; execute technical security safeguards and operation security measuresAccess data, control information, software, hardware, and firmwareComplete and maintain documentation for Security Authorization of each ISUpdate System Security Plans (SSPs) each time the posture (e.g., hardware and software) of an IS is modified; if the modification(s) trigger a reauthorization, the contractor shall review and update all documentation for Security AuthorizationAssist the Government in determining how modifications and/or introduction of new technology will impact the performance and security of their system(s)Obtain Security Authorization for ISS; operate and maintain authorized ISS in accordance with the approved SSPProvide recommendations to the Government concerning NSA/CSS authorized users access to the ISS; inspect for appropriate clearances, indoctrinations, and validate need-to-know for informationDetermine whether all remote and network connections meet or exceed the ISS requirements of the IS; report findings to the GovernmentAdminister the user identification and authentication mechanisms of the IS; when direct control of these mechanisms is not feasible, coordinate with the Government to recommend a manner in which the mechanisms can be used most effectivelyRemove user accounts once access to the IS is no longer requiredObtain proper approvals and follow proper purging procedures when storage devices or other components capable of storing data are prepared for releaseIdentify the appropriate color-coded classification and monitoring label stickers on all computer monitors and CPU unit/containersProvide the Government, in writing, any security weaknesses identifiedRecommend security improvements for the ISAssist the Government in applying physical and operational procedures to prevent a compromise of IS security, or negation of its Security AuthorizationReview the IS security audit documents in accordance with NSA/CSS policy and proceduresImmediately report all security incidents involving ISs in accordance with NSA/CSS policies and procedures for computer security incidentsAdvise authorized users of security features and procedures used on the ISAssist the Government to ensure that maintenance personnel are granted only those privileges required to perform their jobUse configuration management to maintain and protect the security posture of the IS; coordinate all changes to the operating systems software or applications software with the GovernmentIn coordination with the Government, participate in configuration control board activitiesMaintain records on ISs, outlining required patches/system upgrades that have been accomplished throughout an IS' s life cycleIn the Government's internal tracking system, maintain records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and telephony equipment; include in the records: POC, action taken (referencing any IAVA, CERTs involved), and date action completedAssist the Government with implementing and managing the Information Assurance (IA) ProgramTrack and report organizational trends in the XACTA Information Assurance Manager (XIAM) Tool with regard to the security posture of systems, and work with the Government to resolve deficiencies or problemsAssist the Government in managing common control families, as defined in CNSS Instruction No. 1253, dated October 2009Provide guidance/recommendations to the Government on IA best practices and procedures, compliant with the Risk Management FrameworkServe as the IA liaison to the GovernmentWork with the NSA Information Security Incident Response Team (NISIRT) and oversee resolution of computer security incidents and vulnerability complianceAssist the Government in the development and review of Intelligence Community (IC) and NSA/CSS policyProvide IA Workforce Improvement Program (IAWIP) support for the GovernmentProvide communications support on non-system specific OISS plans, policies, or proceduresProvide the Government assistance with special interest security activitiesReview and provide recommendations for cross-domain transfersProvide and evolve the existing Information System Security Officer (ISSO) Registration Tool in order to 1) qualify ISSOs based on experience level, skill sets, and certifications; 2) provide a fully qualified ISSO workforce that is registered, ISSO compliant, and validated with continually improving skill sets; 3) provide Information and System Security Risk Management, TS3 Management, an assessment tool to make decisions based on the ISSO workforce demographics, in order to enable effective global problem solving, logically and physically.As needed, respond to off duty calls for assistance with broken or non-functioning ISWe are an EEO/AA Employer. We do not discriminate in hiring on the basis of race, color, national origin, sex, gender identity, sexual orientation, religion, age, disability, protected veteran status, or any other characteristic protected by federal, state or local law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at , let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.
Created: 2024-09-07