Professional Solutions, LLC

Information Systems Security Officer (ISSO)

US-VA-Quantico
3 months ago
Secondary Job Title
N/A
Category
Cyber Security

Overview

PSA is seeking an Information Systems Security Officer (ISSO) in support of the FBI. The ISSO is responsible for implementing and following FBI and Federal Information Assurance policies and guidelines for securing FBI information systems.

The candidate must be able to operate effectively under pressure while adhering to the ProSol Core Values of Agility: rapid adaptation to the changing requirements and environment of our clients; Excellence: service quality that exceeds the expectations of our clients; Integrity: accountability and honesty, always doing the right thing; and Long Term Commitment: unquestioned loyalty and dedication to our clients, partners and employees.

Responsibilities

  • Ensuring that Stakeholders adhere to Federal Information Assurance policies and procedures to acquire and maintain an Information System's Authority to Operate (ATO) under The Federal Information Security Management Act (FISMA) of 2002 following NIST 800-53 guidelines and NIST 800-53a security controls assessment practices.
  • Guide systems engineering design and development toward a "baked-in" security design using Information Assurance best practices as well as FBI-specific policies and guidelines.
  • Expert knowledge and hands-on experience with FISMA Systems, NIST 800-series guidelines, Intelligence Community Directive 503 (ICD 503), Committee on National Security Systems (CNSS) Instructions, FIPS, C&A requirements and processes, Continuous Monitoring Framework experience and its tools, Plan of Action & Milestones (POA&M) policies, and vulnerability/patch management.
  • Proficient with vulnerability and scanning tools and well-versed in interpreting risk posture resulting from assessment reports. Experience in project management and tracking, and with the Microsoft Office suite.
  • Following IAPS processes regarding people management and project management (performance management, planning, scheduling, etc.).
  • Guide engineering development for the security design using IA enabled products.
  • Maintain up-to-date documents such as procedures, work instructions, plans and manuals.

Qualifications

  • Solid technical foundation as well as practical and programmatic overall security experience
  • One of the following certifications is required: CISSP, CISM, CAP or GSLC.
  • Excellent customer service.
  • Experience using scanning tools/devices.

Preferred Skills:

  • FISMA, NIST, and/or C&A experience.
  • Risk assessment experience, especially with NIST 800-503 Threat Identification, system security categorization, gap analysis, compliance reporting.
  • Security analysis experience, especially trend analysis, incident response, encryption.
  • Security assessment experience doing vulnerability scanning, penetration testing, system hardening, system integration, packet sniffing.
  • Software development experience a plus given the unit being supported.
  • Must be able to apply and validate patches.
  • Develop, track, create, and manage POA&Ms.
  • Able to handle site accreditation.
  • Operational security experience a definite plus.
  • Security plan knowledge and creation experience a definite plus.
  • Knowledge of and experience with quality assurance and continuous monitoring.
  • Experience working in SCIP a plus.
  • Knowledge in INFOSEC Assessment Methodology/Evaluation Methodology (NSA IAM/NSA IEM).
  • Contribute to the accuracy and efficiency of analysis operations through technical innovation, procedural refinement, training of analysts and analyst oversight.
  • Accountable for the real-time analysis, commentary and handling of security events.
  • Demonstrate the analysis system and analyst capabilities.

Education & Experience Requirements

  • Expert level knowledge of FISMA, NIST, previous C&A experience, continuous monitoring experience, vulnerability management, scanning, risk management, project management, proficient with Microsoft products - Word, Excel, PowerPoint.
  • Cyber incident response reporting and procedures.
  • Previous DOD cybersecurity background preferred.

Security Clearance

Top Secret

Additional Clearance Information

  • Must be SCI eligible

Physical Demands

Work is primarily performed in an office environment. Typically employees sit comfortably to do their work, interspersed by brief periods of standing, walking, bending, carrying papers and books, and extensive periods requiring the use of computer terminals to accomplish work objectives.

Schedule

  • Monday - Friday

Standard Work Hours

  • Core hours: 8:00 am - 5:00 pm

Travel Expectations

  • About 20%

Travel Schedule

  • Based on the needs of the government
