Information System Security Officer (ISSO)

Overview

Salary Range : $71,307 - $115,000

Provide on-site Information System Security Officer (ISSO) and / or Information Assurance Officer (IAO) support to our Navy customer.

Responsibilities

• Ensure proper Configuration Management procedures are followed prior to implementation and contingent upon an established approval process.
• Initiate requests for temporary and permanent exception, deviations, or waivers to IA requirements.
• Advise appropriate senior leadership or Authorizing Official of changes affecting the IA posture of the organization and its programs.
• Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organizations mission and goals.
• Collect and maintain data needed to meet system IA reporting.
• Define and / or implement policies and procedures to ensure protection of critical infrastructure (as appropriate).
• Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Ensure that IA inspections, tests, and reviews are coordinated for the network environment.
• Ensure that IA requirements are integrated into the continuity planning for that system and / or organization(s).
• Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level IA architecture.
• Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
• Evaluate cost benefit, economic, and risk analysis in decision making process.
• Identify security requirements specific to an IT system in all phases of the System Life Cycle.
• Participate in an information security risk assessment during the Security Assessment and Authorization process.
• Participate in the acquisition process as necessary, following appropriate supply chain risk management practices.
• Participate in the development or modification of the computer environment IA security program plans and requirements.
• Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
• Provide system related input on IA security requirements to be included in statements of work and other appropriate procurement documents.
• Recognize a possible security violation and take appropriate action to report the incident, as required.
• Recommend resource allocations required to securely operate and maintain an organization.
• Supervise or manage protective or corrective measures when an IA incident or vulnerability is discovered.
• Support necessary compliance activities (e.g., ensure system security configuration guidelines are followed, compliance monitoring occurs, etc.)
• Coach and Mentor junior staff.

Required Skills

Desired Skills

J-18808-Ljbffr