Abacus Technology is seeking an Information System Security Officer (ISSO) to provide support for a program, organization, system, or enclave’s information assurance program. This is a full-time position.
DULUTH EIT SERVICES: Abacus Technology is hiring immediately for a recently-awarded large, long-term program. Full Scope Polygraph is required. Abacus has been selected as a subcontractor to provide regional enterprise IT services and devices to the end-user workforce of a large Government agency located across the Northeastern United States. IT Services include campus area networks and local area networks supporting end user desktop/laptop/tablet, phone, printers, copiers, and wireless devices. DULUTH interacts with a Global Service Desk and provides data and status for regional enterprise services.
Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assist with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support certification and accreditation. Provide configuration management (CM) for information system security software, hardware, and firmware. Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment & Authorization (A&A) packages, and System Controls Traceability Matrices (SCTMs). Support security authorization activities in compliance with the NIST Risk Management Framework (RMF) and any DoD and IC tailored requirements. Plan and coordinate the IT security programs and policies. Manage and control changes to the system and assessing the security impact of those changes. Obtain A&A for ISs under their purview. Serve as the Approval Authority to validate or approve user authorization for accounts associated with systems under their control. Understand the authorization boundary of systems. Collaborate with System and Network administrators to understand and document data flow and architecture diagrams. Maintain operational baseline of systems under their purview. Provide ongoing Continuous Monitoring to assigned systems. Provide and validate the operational security posture of systems and ensure they are maintained. Manage risks while assigned system is in operation. Perform, coordinate and document security relevant changes. Perform vulnerability assessments to ensure updates and system baseline are enforced. Recognize a possible security violation and take appropriate action to report the incident. Manage protective or corrective measure when an IA incident or vulnerability is discovered. Provide security and awareness oversight and/or training as required. Review of audit reduction tools to monitor and review systems for compliance with IA policy.
5+ years experience as an ISSO including at least 1 year of experience in the following areas: knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools. Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline. Four years of additional ISSO experience may be substituted for degree requirements. Must hold one of the following certifications (or higher based on DoD 8570): A+ with Continuing Education, Cisco Certified Network Associate-Security (CCNA-Security), Network+ Continuing Education, and/or System Security Certified Practitioner (SSCP). Knowledge of security controls, the assessment and applicability to systems. Able to initiate the reauthorization process of a system that needs reaccreditation. Able to decommission a system when it is no longer required. Able to understand the POA&M process as well as track and closeout any outstanding liens. Able to acknowledge and respond to IAVAs and create liens as necessary. Excellent written and verbal communication skills. Excellent leadership skills and teamwork skills. Must be results oriented, high energy, self-motivated. May be required to respond to after-hours requests as required in a 24x7 environment. Must be a US citizen and hold an active/current TS/SCI with Full Scope Polygraph.
Applicants selected will be subject to a U.S. government security investigation and/or polygraph examination and must meet eligibility requirements for access to classified information.