Sr. Information System Security Officer with Security Clearance

---

Job description

• Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves.
• Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
• Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
• Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package.
• Conduct configuration management for security-relevant changes to software, hardware, and firmware.
• Perform and deliver security impact analyses of changes to the system or its environment of operation.
• Assess the effectiveness of system security controls on an ongoing basis to determine system security status.
• Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
• Provides configuration management for security-relevant information system software, hardware, and firmware. " Education and Experience:
• 10 years of related work experience in the field of security authorization.
• A Bachelor's degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years' experience.
• DoD 8570.1 compliant IAM Level I certification, such as the CompTIA Security+ certification. A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted.
• A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
• Knowledge of commercial security tools and their uses.
• Experience with hardware/software security implementations.
• Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
• Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
• Experience creating and presenting documentation and management reports.
Preferred:
• Should have experience working with the XACTA IA Manager.
• Should be highly analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues."

<!– job description page –>