Description
Direct hire, onsite in Buffalo, salary to $90k
Seeking a full-time, highly motivated Information Systems Security Officer (ISSO) to join our client. The ISSO will provide Information Systems (IS) security support to the Information Systems Security Manager (ISSM) and various Department of Defense (DoD) programs. The successful candidate will work both independently and as a team member, must be self-motivated, reliable, and able to multi-task. The candidate must have strong interpersonal and technical skills and be able to learn quickly. The candidate must be able to respond to non-business hour emergencies. The position may require occasional local and overnight travel.
The candidate must be knowledgeable in computer security principles and policies, including the Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), 32 CFR Part 117 National Industrial Security Program Operating Manual (NISPOM), and Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM).
Primary Responsibilities:
- Configure, support and maintain Linux Red Hat/CentOS, Windows Server and Windows client operating systems and networks in a variety of traditional and virtual environments
- Develop and maintain System Security Plans (SSP) and related documentation such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures
- Comply with current cyber security policies and concepts when designing, procuring, adopting, and developing new IS
- Respond to and remediate IS incidents
- Ensure audit records are collected and analyzed in accordance with policies and procedures
- Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation
- Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
- Assist with the development and implementation of an effective IS security education, training, and awareness program
- Prepare for and participate in periodic compliance assessments and inspections
- Ensure account management and configuration documentation is complete, maintained and reviewed on a periodic basis (change tracking, maintenance logs, etc.)
Qualifications:
- Associates degree or higher in Computer Science, Information Technology, Computer Information Systems or related field preferred
- IT security experience in DoD Industrial Security is required (technical experience and skills and industry IT certifications may be considered substitutes for education and DoD security experience)
- Experience with 32 CFR Part 117 (NISPOM), DAAPM, NIST RMF (SP 800-53)
- Technical experience securing networks and systems utilizing Defense Information Systems Agency (DISA) STIGs and/or Security Requirements Guide (SRGs)
- Possess a DoD 8570.01-M IAM II baseline certification or be able to obtain one within 6 months (current CISSP certification preferred)
- Excellent written and verbal communication skills
- Must be able to obtain and maintain a U.S. government security clearance
- The successful candidate will be subject to pre-employment investigation and must meet all eligibility requirements for access to classified information