Information Systems Security Officer (ISSO)
Nellis Air Force Base, Nevada, United States
Full Time Mid-level / Intermediate Clearance required USD 73K - 163K *
Spectrum
MISSION FOCUSED WHAT WE DO Spectrum is a professional services and technical solutions company focused on meeting critical mission challenges for US Defense and Intelligence Agencies, Law Enforcement, Civilian Agencies in Federal,...Information Systems Security Officer (ISSO)
Spectrum is seeking highly qualified Information Systems Security Officer to support our customer at Nellis AFB, NV. In this role you will advise and assist the customer with operational test planning, execution, data analysis and reporting.
Key Roles and Responsibilities:
- ISSO is responsible for manage the cyber security, system administration, and network administration responsibilities for AIS, IAW the Department of Defense Joint SAP Implementation Guide (DoD JSIG) and applicable DoD, Department of the Airforce (DAF), Air Combat Command (ACC), and 57th Wing applicable AIS security polices and regulations.
- Implement and enforce all AF cybersecurity policies, procedures, and countermeasures.
- Accomplish and document weekly system audits and save them for 57th Wing ISSM review.
- Provide AIS & network support to support cyber organizational operational readiness. Accreditation and operational status of all systems and networks shall be 100% current and operational.
- Maintain COMSEC training and appointment for applicable organization(s) COMSEC account(s).
- Perform analysis of network security, based upon the RMF, JSIG NISPOM Chapter 8, and other sources as added or updated, advise customers on IT certification and accreditation issues.
- Advise 57 WG ISSM and government Program Managers (PM) on security testing methodologies and processes.
- Evaluate certification documentation and provide written recommendations for accreditation.
- Reviews systems security to accommodate changes to policy or technology.
- Evaluate IT threats and vulnerabilities to determine whether additional safeguards are needed and report these threats or vulnerabilities to HQ ACC/A8Z, Command Information Assurance Manager.
- Develop and maintain a formal Information Systems Security Program.
- Review and evaluate all certification/accreditation support documentation for proof of acceptable information systems and network security procedures. Based upon review, provide written documentation for accreditation to the 57th Wing ISSM, to include External Information Systems (EIS).
- Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.
- Maintain a repository for all system certification/accreditation, documentation, and modification.
- Coordinate AIS security inspections, tests, and reviews. Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within the applicable computer or network system.
- Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting AIS security training.
- Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed. Assess configuration changes in the system, environment, and operational needs that could affect the accreditation.
- Conduct periodic testing of the security posture of the information systems as required by the DAA. Verify the compliance of the system with the security requirements by demonstrating, inspecting, and analyzing the system’s capabilities and base-line configuration.
- Perform weekly system audits as required by the DAA on multiple systems; work closely with system administrators and ensure current security measures are sufficient and in compliance with approved policies and processes.
- Write Request for Approvals (RFA) for equipment and electronic data being used in off-site locations.
- Participate in self-inspections and Command Compliance Inspections; identify discrepancies and report security incidents as required by the DAA and/or Program Security Officer (PSO).
- Maintain a working knowledge of system functions, security safeguards, and operational security measures. Provide research and analysis in support of expanding programs and areas of responsibility.
Requirements
Experience:
- Be proficient at installing, maintaining, and upgrading the following hardware: PC desktop systems, TACLANE, HP LaserJet printers, LCD projection systems, enterprise servers, network switches, and network patch racks. Contractor shall also be able to assemble twisted pair and install fiber optic network cables.
- Be proficient working with the following software: Microsoft Windows Server, Microsoft Active Directory Services, Domain Name System (DNS), BitLocker, Microsoft Windows Enterprise, Microsoft Office, Jetico BC Wipe, and other software/versions as determined by version and technology updates.
- 3 years of experience with 1 year of RMF experience
Education/Certifications:
- High School Diploma
- Possess and maintain one of the following certifications to be compliant with (722) ISSM Intermediate Level IAW DoD Manual 8140.03 “Cyberspace Workforce Qualifications and Management Program”: CGRC/CAP, CASP+, CCSP, Cloud+, SSCP, Security+, or GSEC. Additionally, the contractor shall have a minimum of one year of direct professional experience with DoD JSIG RMF and network management security requirements.
Security Clearance:
- Active Top Secret Security Clearance with SCI eligibility
- Eligible for SAPs, Restricted Data, Formerly Restricted Data, CNWDI, and any other caveats identified by the customer
- NOTE: shall be subject to random Counter-Intelligence polygraphs to maintain SAP eligibility
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Family Leave (Maternity, Paternity)
- Short Term & Long Term Disability
- Training & Development
- Wellness Resources
- Stock Option Plan
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Audits CASP+ CCSP Clearance Cloud Compliance DNS DoD DoDD 8140 GSEC Monitoring Network security NISPOM RMF SAP Security Clearance SSCP Top Secret Vulnerabilities Windows
Perks/benefits: 401(k) matching Equity Health care Insurance Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DoD-related jobs