Junior Information Systems Security Officer (ISSO)
XOR Security is currently seeking several talented Junior level Information Systems Security Offer to support an Agency-level Advanced Cyber Analytics team.
- Create and maintain Assessment and Authorization (A&A) documentation: Software/Hardware Inventory, Network diagrams, INFOSEC Policies and Procedures, Contingency Plan, Incident Response Plan, and Configuration Management Plans, SCTM, SAR and RAR
- Capture and refine information security requirements for new systems or for enhanced functionality on existing system and ensure that the requirements are effectively integrated into information systems throughout the System Development Life Cycle (SDLC)
- Assist with assessing Information Assurance long term needs and acquisition requirements to accomplish mission objectives
- Implement information security standards and procedures
- Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
- Evaluate security solutions to ensure they meet security requirements for processing classified information
- Conduct research and testing to ensure existing and evolving products/services meet current Office of the Director of National Intelligence (ODNI) and local authorities security requirements as appropriate
- Advise CIO, CISO, ISSM, management and stakeholders on security-related matters
- Ensure the operational security posture of their systems, they are responsible for the daily security operation of their assigned systems and they advise their partners on specific IT and security policy procedures
- Ensure that management, operational, and technical controls for securing networks are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal
- Manage changes to system and assess the security impact of those changes
- Perform COMSEC Custodian duties as required
- Respond to security incidents, and report incidents to the IC SCC, CISO, and the appropriate authorities
- Performed equipment decommissioning and sanitization
- Facilitate Personal Electronic Devices (PED) into and out of the SCIF as required. Assure that all PEDs have been disabled prior to SCIF entry
- Review existing legacy and info-share repositories and update as needed, Co-Use, MOA, ISA, ADT training, account requestors.
- Top Secret Clearance
- Must have 1 - 2 years of professional experience with a bachelor’s degree in a relevant technical field. A majority of the experience in the areas of information assurance (i.e. the 10 pillars of CISSP).
- familiarity with system security support IAW ICD 503 / Risk management Framework (RMF).
- Must have experience and knowledge of DoD, IC, or national level system security initiatives and classified programs and infrastructures;
- Possess effective interpersonal and presentation skills as he/she operates in a client-facing role
- Possess knowledge of how to use the NVD and NIAP portals to review software or hardware vulnerabilities
- Expert knowledge of ACAS (Nessus/Tenable)
- Experience reporting IT Security events/incidents in the time prescribed based on policies and procedures
- Must Possess extensive experience supporting the Intelligence Community (IC)
- Extensive experience with supporting the Joint Worldwide Intelligence System (JWICS)
- Expert knowledge of cloud architecture
- Preferred technical experience effectively provided network and/or system administration, and/ or computer operations
- Knowledge of virtualization.
- Must possess CISSP, CISA or CISM certification
- Active Top Secret Clearance is required
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET/SCI CLEARANCE REQUIRED.