Information Assurance III (ISSO) AL with Security Clearance

---

Job description

Description Position Title: Information Assurance III (ISSO) Location: Maxwell/Gunter Airforce Base, AL Clearance level: TS/ SCI Eligible Responsibilities (including but not limited to): Prior experience as an Information System Security Officer (ISSO) or Information System Security Manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Performs security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. Implements the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. Facilitates development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. Audit systems to ensure security posture integrity. Conduct assessments and test/analysis data to document state of compliance with security requirements. Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. Conduct periodic hardware/software inventory assessments. Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. Manages assigned team to facilitate effective execution of Risk Management Framework (RMF). Coordinate and participate in security assessments and audits. Prepares, reviews, and presents technical reports and briefings. Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Qualifications High School diploma or GED. 5+ years of experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Must possess a Top Secret Clearance with SCI eligibility. Certification Authorization Professional (CAP) AND DISA ACAS Supervisor and Operator Course AND DISA Enterprise Mission Assurance Support Service (eMASS) AND (CISSP OR CISM). 3+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS.

<!– job description page –>