Information Systems Security Officer
Input Staffing LLC
- Andrews Air Force Base, MD
Input Staffing is searching for an ISSO to join our team at Andrew's Air Force Base in Maryland!
- Responsible for ensuring appropriate operational security posture is maintained.
- Implement and enforce all Air Force cybersecurity policies, procedures, and countermeasures.
- Maintain all authorized user access control documentation IAW applicable AF Records Information Management System (AFRIMS).
- Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)).
- Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
- Coordinate changes or modifications with the Information System Security Manager (ISSM) and/or the Security Control Assessor (SCA).
- Initiate exceptions, deviations, or waivers to cybersecurity requirements.
- Assist the ISSM in meeting duties and responsibilities.
- Implement and enforce all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.
- Ensure all users have requisite security clearances and access authorization.
- Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities.
- Ensure all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.
- Implement the Risk Management Framework (RMF) across multiple programs in accordance with National Institute of Standards and Technology (NIST) and Air Force policy and directives.
- Develop artifacts and supporting evidence to satisfy all applicable RMF Controls and corresponding Control Correlation Identifiers (CCI’s).
- Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks.
- Manage system authorization packages and ATO’s using Enterprise Mission Assurance Support Service (eMASS).
- A current DoD 8570 IAM Level II certification (CAP, CASP CE, CISM, CISSP, GSLC) is required.
- Active, in-scope US Government issued Top Secret clearance the ability to obtain SCI eligibility
- Due to the nature of the work and contract requirements, US Citizenship is required.
- IAM Level III Certification (CISM, CISSP, GSLC).
- Five years direct experience in the last seven years.
- Functional knowledge of DoD and Air Force cyber policies and directives.
- Knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications.
- Experience creating DOD RMF packages and associated work products and managing them through the program lifecycle.
- Familiar with eMASS and associated workflows.
- Familiarity with coalition and multi-national information sharing systems, policies, and environments.
- Experience with the Cross Domain Solution (CDS) authorization process
- Bachelor's Degree in a related discipline (e.g. Computer Science, Computer Information Systems, Math, Engineering).
- With at least fifteen (15) years of general experience of which ten (10) years is directly related experience, a degree is not required
Tuesday, February 16, 2021