G157 - Mid-level Information System Security Officer - Cleared

• Review Nessus scan results and provide direction where required

• Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information

• Evaluate systems baseline security state verified through Xacta source of record systems

• Review and mitigate liens (POAMs)- continuous assessment

• Collaborate and develop Splunk use case dashboard reporting for security baseline

• Weekly reporting of system health status

• 100% Scan compliance validation for systems

• Maintain 98% asset accountability for in scope systems

• Communicates alerts regarding intrusions and compromises to their network infrastructure, applications and operating systems

• Assists with implementation of counter-measures or mitigating controls

• Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans

• Develops, tests, and operates firewalls, intrusion detection systems, anti-virus systems and software deployment tools

• Safeguards the network against unauthorized infiltration, modification, destruction or disclosure

• Responds to queries and requests for computer security information and reports

• Conducts investigations of computer security violations and incidents, reporting as necessary to management

• Researches, evaluates, tests, recommends, communicates and implements new security software or devices

• Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications

• Develops materials for computer security education/awareness programs

• Provides recommendations to clients on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies

• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance

• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information

• Provides advanced guidance and leadership to less-experienced team members

• May serve as a team or task leader. (Not a people manager)

• Provides information assurance project management, technical security staff oversight, and development of critical technical documents

• Ensure compliance with regulations and privacy laws

Schedule: Monday through Friday Day Shift

Requirements

TS/SCI with poly required

• 10 years of related experience and a Bachelor's degree (or 4 additional years)
• In addition, position requires Five (5) years of experience as an ISSO on projects of similar scope, type, and complexity are required.
• Experience is to include at least one (1) of the following areas: knowledge of current security tools and hardware/software security implementation; communication protocols; encryption techniques/tools.
• On call required for 24x7 support - Essential personnel
• Strong analytical and problem-solving skills
• Strong communications skills
• Ability to lead and work as part of a team

Must have at least one of these certifications:

• CCNA Security
• CySA+
• GICSP
• GSEC
• Security_ CE
• CND
• SSCP
• CASP+ CE
• CCNP Security
• CISA
• CISSP (or Associate)
• GCED
• GCIH

Benefits

• Health & Life Insurance
• Dental Insurance
• Disability Insurance
• 401K Retirement Plan with Matching
• Tuition Assistance
• Vacation and Sick Leave
• Hiring Bonuses
• Referral Recruitment Program