Logo
TekSynap

Information Systems Security Officer

TekSynap, Washington

Save Job

Responsibilities & Qualifications

RESPONSIBILITIES

The Information Systems Security Officer is expected to be able to:

  • Support Engineering and Operations network solutions and strategic adherence to all aspects of the Information Assurance (IA) program as stipulated by various U.S. Government requirements including (but not limited to): Director of Central Intelligence Directives (DCID), IC Directive (ICD) 503 and associated NIST publications.
  • Preparation of Assessment and Authorization (A&A) documents and procedures.
  • Interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel, and Government security representatives.
  • Serve as a principal advisor to the Government and service lane leads on all matters, technical and otherwise, involving the security of an Information System including, but not limited to, accreditation status, emerging threats, current security posture, ongoing activities, and Plan of Action and Milestones (POA&Ms).
  • Adheres to DIA Risk Management Framework (RMF) standards for the performance of the ISSO role, the recommendations comply with the Federal Information Security Modernization Act (FISMA), and in accordance with NIST (National Institute of Standards and Technology) SP 800-37.
  • Maintains the information system assessment and authorization record within the agency’s authoritative system repository, to include but not limited to, the system security POA&M documents.
  • Updates XACTA during the lifecycle of the system including updating network diagrams, vulnerability scans, STIG checklists, hardware/software lists, and SCRM certificates.
  • Maintains responsibility for the day-to-day security operations of the system ensuring the network, system, application, or service is operated, maintained, and disposed of in accordance with DIA security policies and procedures outlined in the security authorization package.
  • Ensures approved operational systems obtain and retain Approval to Operate (ATO).
  • Develops POA&M for identified vulnerabilities and ensure compliance through updates as well as developing waivers, exceptions, and risk acceptance documents for information system vulnerabilities.
  • Coordinates with engineering ISSE and system SMEs to obtain approval via DIA’s RMF process.
  • Conduct reviews of the network, system, application and/or service in accordance with the periodicities set within the Monitoring Strategy of the Security Authorization Package Review and update approved ATO as required or requested in conjunction of auditors, cyber security & Information System Security Engineers.
  • Coordinates required system changes due to security notifications, baseline changes and/or elements required to retain ATO.

REQUIRED QUALIFICATIONS

  • Active Top-Secret Clearance with a CI Poly.
  • 8-10 years proven track record of progressively responsible information assurance experience in ICD 503 certification and accreditation.
  • Compliant with DoD 8140 and any other certification/training required by DoD for role.
  • Must maintain required technical and security training relative to cybersecurity duties, in accordance with DoD instruction 8510.01, Risk Management Framework for DoD Systems, NIST Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations and DoD Directive 8570.01-M, IA Workforce Improvement Program.
  • Must have certifications and/or comprehensive hands-on technical experience in the technology area(s) of their assigned system(s) in order to effectively carry out their duties.
  • Familiarization with NIST Special Publication 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems, Committee on National Security Systems Instructions (CNSSI) 1253, and NIST SP 80053 Revisions 3 and 4, SP800-39, SP 800-30.
  • Demonstrated experience in transitioning applications to IC Information Technology Environment (ITE) and in-depth knowledge of IC ITE services.

Overview

We are seeking an Information Systems Security Officer to join our team supporting the Defense Intelligence Agency.

The Information Systems Security Officer will support Engineering and Operations network solutions and strategic adherence to all aspects of the Information Assurance (IA) program as stipulated by various U.S. Government requirements including (but not limited to): Director of Central Intelligence Directives (DCID), IC Directive (ICD) 503 and associated NIST publications. Preparation of Assessment and Authorization (A&A) documents and procedures. Interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel, and Government security representatives.

We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.

The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation.

By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP".

#J-18808-Ljbffr