Category

Information Technology

Job Type

Full-time

Career Level

Staff

Education

High School / GED

Travel

None

Security Clearance Required

TS

Job Description

TMC Technologies requires an Information Systems Security Officer (ISSO) to support the establishment, implementation, and maintenance of a life-cycle security model for the FBI CJIS division. The ISSO coordinates with system owners to ensure systems are operated and maintained in accordance with security policies and practices and reports all information system security incidents through the appropriate FBI channels. The applications and tool sets that are currently being used to perform the ISSO support functions are Risk Vision, ClearQuest, GITLAB, JIRA, Sharepoint, Splunk, BigFix, and Tenable Security Center. Due to federal contract requirements, the candidate must possess a US Citizenship and active Top Secret clearance. 

Duties include:

- Assisting CJIS stakeholders in identifying and evaluating technical and operational security risks, threats, weaknesses, and vulnerabilities associated with CJIS information systems; 
- Reviewing acquisitions for products as they relate to information security; 
- Supporting the SAA process of CJIS information systems to verify and validate conformance to Federal and FBI policies, regulations, FISMA compliance and standards, and to meet specified security requirements. Support will parallel with EISS certification testing methodologies and strategies; 
- Providing presentations, briefings, and training as assigned; 
- Supporting tier level/data categorization and providing data categorization reports as assigned; 
- Monitoring trends in technology, performing system security analyses, and recommending strategies and solutions for improving or enhancing system security; 
- Reviewing system specifications to ensure security requirements are met and reviewing for approval proposed system and engineering change requests and modifications to determine impact on system security; 
- Reviewing and maintaining required system documents to ensure all security related policy requirements have been addressed, providing guidance on the establishment of detailed SSPs for ensuring system requirements are met, and reviewing proposed changes to system requirements to evaluate the impact on system security; 
- Evaluating security vulnerabilities with regard to confidentiality, integrity, and availability, and recommending appropriate solutions, viable strategies, and/or mitigations; 
- Recommending and advising on standards and procedures that reflect good practice in IT infrastructure management and providing security policy support.

Job Requirements

Active Top Secret clearance required
Bachelor's degree preferred
A minimum of 4 years in the following is required:
- Experience in information system compliance with government standards and industry best practices, including National Institute for Standards and Technology (NIST), Open Web Application Security Project (OWASP), Common Criteria, Defense Information Security Agency (DISA) and SANS Institute; 
- Experience working in Agile development environments; 
- Demonstrated level of experience in information security practices within the federal and/or state governments; 
- Previous hands-on technical experience demonstrated in networking, system administration and development; and 
- Working knowledge of Continuous Integration/Continuous Delivery (CI/CD) Pipelines Virtualization, and software-defined networking. 

Desired experience includes: 

- Cloud Certifications 
- GRC Tool Experience 

We are equal opportunity/affirmative action employers, committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local law.