Vosper Thornycroft Group
Information Systems Security Officer
Vosper Thornycroft Group, Chantilly, Virginia, United States, 22021
Overview
TUNUVA Technologies (a wholly owned subsidiary of VTG) seeks to hire an
Information Systems Security Officer (ISSO)
in Chantilly, VA to monitor and maintain systems security on operational systems such as malicious code eradication, configuration management, assessment and authorization of current and future systems, as well as to review and revise systems security documentation on proposed systems. ISSOs shall know how to implement common information system security practices, policies, and technologies. Additionally, ISSOs demonstrate self-motivation, initiative, sound judgement, and effective interpersonal skills, team building skills, and effective communication skills.
Responsibilities
Collaborate with system stakeholders and teammates to enhance system security
Communicate effectively with all security stakeholders
Create, revise, or review cybersecurity documentation
Proactively identify opportunities for increasing customer value and engagement
Act as a Data Transfer Agent between systems of varying security domains
Inventory, track, and control removable media and portable electronic devices
Advise stakeholders on NIST SP 800-37 RMF workflows and requirements
Review SIEM and RMF workflow tools to advise ISSM on system security baselines and authorization statuses
Advise system stakeholders on acceptable use and applicable cybersecurity policy or regulation
Properly report and document security incidents and response actions
Do you have what it takes? Requirements
Clearance: Active TS/SCI with Polygraph
Currently hold or obtain and maintain DoD 8570 IAT-2 certification within 6 months of starting the position
Applicants should possess education and experience at the appropriate level for the position. Education relevant to computer engineering, information security, information management, and/or computer science. Experience relevant to information technology security, information systems security, information assurance engineering, and systems administration.
Bachelor’s degree + 2 years of experience OR High School/GED + 6 years of experience OR Associate’s degree + 4 years of experience OR Master’s degree or higher + 0 – 2 years of experience
Desired Qualifications
Knowledge of and experience with ICD 503 and NIST SP 800-37 Risk Management workflows
Understanding and application of network security principles, practices, and implementations
Working knowledge of cross-functional integration of information systems into a physical security environment
Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers
Familiarity with detecting and preventing computer security compromises in a networked environment
Working knowledge of configuration management; system maintenance; and integration testing
Proficient in the use of tools used to prevent and/or negate malicious code
Understanding of Commercial-Off-the-Shelf (COTS) tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.)
Ability to support evidentiary forensics and preservation
Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data
Demonstrated ability to translate technical information and information technology jargon into plain English
Ability to apply a risk management philosophy when faced with security challenges and the ability to articulate the pro’s and con’s of a particular solution in a clear concise manner
Demonstrated proficiency with computer operating systems (e.g., Microsoft Windows, LINUX, UNIX, Mac OS, etc.)
Analytical ability to understand complex technical configuration management documents
Strong ability to elicit, articulate, and document information in a well-organized manner
Demonstrated ability to work independent of close supervision
Working knowledge of all applicable customer, IC, and DoD policies, procedures and operating instructions related to cybersecurity
Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels
An ability to prioritize work to meet deadlines.
#J-18808-Ljbffr
Information Systems Security Officer (ISSO)
in Chantilly, VA to monitor and maintain systems security on operational systems such as malicious code eradication, configuration management, assessment and authorization of current and future systems, as well as to review and revise systems security documentation on proposed systems. ISSOs shall know how to implement common information system security practices, policies, and technologies. Additionally, ISSOs demonstrate self-motivation, initiative, sound judgement, and effective interpersonal skills, team building skills, and effective communication skills.
Responsibilities
Collaborate with system stakeholders and teammates to enhance system security
Communicate effectively with all security stakeholders
Create, revise, or review cybersecurity documentation
Proactively identify opportunities for increasing customer value and engagement
Act as a Data Transfer Agent between systems of varying security domains
Inventory, track, and control removable media and portable electronic devices
Advise stakeholders on NIST SP 800-37 RMF workflows and requirements
Review SIEM and RMF workflow tools to advise ISSM on system security baselines and authorization statuses
Advise system stakeholders on acceptable use and applicable cybersecurity policy or regulation
Properly report and document security incidents and response actions
Do you have what it takes? Requirements
Clearance: Active TS/SCI with Polygraph
Currently hold or obtain and maintain DoD 8570 IAT-2 certification within 6 months of starting the position
Applicants should possess education and experience at the appropriate level for the position. Education relevant to computer engineering, information security, information management, and/or computer science. Experience relevant to information technology security, information systems security, information assurance engineering, and systems administration.
Bachelor’s degree + 2 years of experience OR High School/GED + 6 years of experience OR Associate’s degree + 4 years of experience OR Master’s degree or higher + 0 – 2 years of experience
Desired Qualifications
Knowledge of and experience with ICD 503 and NIST SP 800-37 Risk Management workflows
Understanding and application of network security principles, practices, and implementations
Working knowledge of cross-functional integration of information systems into a physical security environment
Working knowledge of system functions, security policies, technical security safeguards, and operational security measures
Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers
Familiarity with detecting and preventing computer security compromises in a networked environment
Working knowledge of configuration management; system maintenance; and integration testing
Proficient in the use of tools used to prevent and/or negate malicious code
Understanding of Commercial-Off-the-Shelf (COTS) tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.)
Ability to support evidentiary forensics and preservation
Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data
Demonstrated ability to translate technical information and information technology jargon into plain English
Ability to apply a risk management philosophy when faced with security challenges and the ability to articulate the pro’s and con’s of a particular solution in a clear concise manner
Demonstrated proficiency with computer operating systems (e.g., Microsoft Windows, LINUX, UNIX, Mac OS, etc.)
Analytical ability to understand complex technical configuration management documents
Strong ability to elicit, articulate, and document information in a well-organized manner
Demonstrated ability to work independent of close supervision
Working knowledge of all applicable customer, IC, and DoD policies, procedures and operating instructions related to cybersecurity
Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels
An ability to prioritize work to meet deadlines.
#J-18808-Ljbffr