You haven't searched anything yet.
The contractor shall support CBP/OPR/CI in a wide range of systems engineering, administration, and Cyber security & regulatory compliance services necessary to maintain and secure OPR information technology networks used in the detection and investigations of cybercrimes and CBP policy violations.
Primary Responsibilities:
The contractor shall provide a qualified individual(s) to serve as an Information Systems Security Officer (ISSO) providing cyber security oversight for several major OPR applications and general support systems as assigned by the Government Information Systems Security Manager. The contractor ISSO must be an acknowledged expert concerning current Federal, National, DHS and CBP standards, policies, requirements and procedures and shall provide technical security expertise in planning, coordinating, preparing and authoring security authorization documentation necessary to ensure OPR meets all Federal Information Systems Modernization Act (FISMA) regulatory requirements and DHS 4300-A Sensitive Systems Policy and CBP 1400-05D Information Security Policy. In attaining this goal, the contractor shall support the Government Information Systems Security Manager by performing the following duties:
Develop, draft, review and endorse all information systems security plans and other security authorization artifacts and documents such as:
* Standards for Security Categorization of Federal Information and Information Systems (FIPS 199) Assessment
* E-Authentication Determination
* Privacy Threshold Determination
* Privacy Impact Assessment (PIA)
* Risk Assessment Plans
* System Security Plans
* Controls Testing (Security Test and Evaluation (ST&E)) Plans
* Configuration/Change Management Plans
* Contingency Plans
* Contingency Plan Test and Test Results
* Section 508 of the Rehabilitation Act plans
* Plans of Actions & Milestones (POA&Ms)
* Policy waiver and risk acceptance requests
* Ensure that assigned systems are operated, maintained, and disposed of in accordance with applicable policies and procedures NIST SP 800-37, Rev 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, DHS 4300A Policy and Handbook, CBP Information Systems Security Policies and Procedures Handbook (HB 1400-05), and internal CBP (i.e., Office of Information Technology, Security Operations Division, etc.) security policies and practices
* Develop, review, maintain, and provide system security documentation for assigned systems, including System Security Plans, Interconnection Security Agreements, Contingency Plans, Plans of Action and Milestones, (POA&M), Waivers, and Exceptions through the DHS FISMA system management tool in use to implement and manage the NIST Risk Management Framework.
* Complete all activities required by the DHS Ongoing Authorization (OA) Program to transition assigned systems into the DHS OA Program and perform all required actions to maintain system authorization under OA once the system is admitted to the Program
* Assist the Government with the reporting and management of system level security violations and incidents.
* Assist the Government with the technical security evaluation of threats and vulnerabilities involving new/enhanced technology.
* Assist the Government with providing oversight to vulnerability scanning processes and procedures and security patch management/flaw remediation processes and procedures.
* Assist with development of cyber security SOPs, playbooks, work instructions, and other procedures and processes to mature cyber security capabilities.
Full Time
IT Outsourcing & Consulting
$104k-126k (estimate)
07/15/2023
06/02/2024
metronome.net
IRVINE, CA
25 - 50
1987
MATT VAEZI
$5M - $10M
IT Outsourcing & Consulting
The job skills required for ISSO include Information Security, Security Systems, Risk Management, Cybersecurity, Risk Assessment, Planning, etc. Having related job skills and expertise will give you an advantage when applying to be an ISSO. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by ISSO. Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for ISSO positions, which can be used as a reference in future career path planning. As an ISSO, it can be promoted into senior positions as an Information Security Analyst IV that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary ISSO. You can explore the career advancement for an ISSO below and select your interested title to get hiring information.