What are the responsibilities and job description for the Sr. ISSO with Security Clearance position at ClearanceJobs?
Position requires TS/SCI w/ Full-Scope Poly Job Description:
- Provides support for a program, organization, system, or enclave’s information assurance program.
- Provides assistance for proposing, implementing, and enforcing information systems security policies, standards, and methodologies.
- Provides daily oversight and direction to ISSOs.
- Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves.
- Provide guidance and technical expertise on all matters that impact or effect the security of the information system.
- Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis.
- Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package.
- Conduct configuration management for security-relevant changes to software, hardware, and firmware.
- Perform and deliver security impact analyses of changes to the system or its environment of operation.
- Assess the effectiveness of system security controls on an ongoing basis to determine system security status.
- Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments.
- Provides configuration management for security-relevant information system software, hardware, and firmware. Requirements:
- 14 years of related work experience in the field of security authorization.
- A Bachelor’s degree in Computer Science, Information Technology Engineering, or a related field may be substituted for 4 years’ experience.
- DoD 8570.1 compliant IAM Level III certification, such as the GSLC, CISM, CISSP (or associate) certification.
- A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc.
- Knowledge of commercial security tools and their uses.
- Experience with hardware/software security implementations.
- Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services.
- Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance.
- Experience creating and presenting documentation and management reports.
- Should have experience working with the XACTA IA Manager.
- Should be able to review NESSUS Scans and provide SAs with tasking to make necessary corrections.