Classified ISSO

Responsibilities Include:

• Ensure protective measures are in place for the security of the IT equipment in the SCIF and any future SCIFs, the documented equipment and media going in and out of the SCIFs, as well as providing technical support for the users and HSDN rooms.
• Assist with any Service Desk incident or request for service regarding software or hardware within the SCIF.
• Ensure compliance with all Intelligence Community (IC) policies and guidance concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses.
• Assist the I&A CISO with matters regarding oversight and compliance, and when specifically directed by I&A CISO, distribute additional security awareness information or training requirements to the user community as appropriate (Additional insight will be provided through training).
• Report all security incidents both IT-related (including computer viruses) and non-IT security-related in accordance with established procedures.
• Complete and maintain an up-to-date inventory of all system components for assigned and spare equipment for all non-classified and classified systems in the Open Storage areas and SCIF.
• Ensure a visitor log is being utilized and maintained for access to physical spaces where system components reside and review the visitor logs on at least a monthly basis.
• Attend security awareness and related training programs and distribute security awareness information to the user community as appropriate.
• Provide input to appropriate IT security personnel for preparation of reports to higher authorities concerning information systems.
• Provide Security Incident Management and Security Architecture assistance, including but not limited to the development and maintenance of technical and administrative processes, methods, procedures, and solutions, as required.
• Complete security questionnaires attached to any change requests.
• Review and provide recommendations to Government managers for change requests that are reviewed at the various boards.
• Provide gateway support to the Information Technology Lifecycle Management (ITLM) resources for our customer's information systems.
• Perform tasks to support DHS ICCB CR requirements for all information systems, including review of DHS CR packages, ICCB CR forms, and CR test and backout plans as well as submit DHS ICCB security questionnaires and required security package for applicable CRs.
• Support the development and documentation of contingency plans, disaster recovery (DR) plans, and Continuity of Operations (CONOPS) plans. In addition, support the execution of emergency backups in coordination with other infrastructure operational components and/or DHS Data Center specific requirements.
• Work with other agencies for troubleshooting software, hardware, and network problems for all unclassified and classified systems within the SCIF and all Open Storage areas.
• Ensure protective measures are in place for the security of the IT equipment in the SCIF and any future SCIFs, the documented equipment and media going in and out of the SCIFs, as well as providing technical support for the users and HSDN rooms.
• Ensure compliance with all Intelligence Community (IC) policies and guidance concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses.
• Perform HSDN and Token Authority duties such as issue tokens, replace defective/lost tokens, receive good tokens no longer needed by the user, and reset PINs.
• Escort un-cleared personnel/vendors/technicians who have a valid need to be in the secured facilities (SCIFs/HSDN rooms) to complete a task.
• Assist ESOC and SOC with data spillage of classified data on equipment that is of a lower classification.
• Provide monthly reports to the customer for the classified equipment that is in the SCIFs.
• Assist the SOC with the monthly IOC Exercises on the classified networks to pass down unclassified information to the SOC on the unclassified system.
• Perform other related tasks as requested by the Government.

Required Experience and Qualifications:

• Must be a US Citizen.
• Must possess and maintain a DoD Top Secret Sensitive Compartment Information (TS/SCI) security clearance.
  • Must also be able to obtain a customer-specific clearance prior to starting.
• Must have and maintain at least one (1) active certification such as but not limited to Network , Security , CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or other comparable certification or experience which must be approved in advance by the Government on a case-by-case basis.
• Must have at least three (3) years of specialized experience in one of the below positions: Information Systems Security Officer, Information Systems Security Engineer, or Facility Security Manager
• Must have a minimum of three (3) years of experience with analyzing, assessing, and implementing corrective actions based on vulnerability management tools.
• Proficient in providing workstation level desktop support 
• In-depth knowledge of Microsoft Windows operating environment with Administrator level access
• Must have a minimum of three (3) years of experience with leading projects, technical writing, administrative tasks, and conducting briefings.
• Experience/familiarity with supporting the following task areas:
  • Risk Management Framework (RMF) Activities
  • Security Authorization Documentation
  • Security Control Assessment Response
  • Change Management
  • Continuous Monitoring
  • Configuration/Patch/Vulnerability Management, and/or
  • Incident Response.
• Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices.
• Experience with leading projects, technical writing, administrative tasks, and conducting briefings to federal personnel.
• Excellent customer service, analytical, problem solving, team-building, and interpersonal skills.
• Ability to work independently and function as an integral part of the team.
• Excellent oral and written communication skills; technical and business-focused, with the ability to document and describe security process information collected.
• Listening skills, the ability to detect explicit and implicit needs and wants.
• Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under the pressure of deadlines and resource constraints.
• Proven experience in building consensus and managing cross-functional teams.
• Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting.
• Experience working with NIST SP 800-53, RMF, FISMA, DHS, and DoD policies.
• Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under the pressure of deadlines and resource constraints.
• Strong analytical and problem-solving skills.
• Demonstrated interviewing and negotiation skills applicable to identifying, defining, and evaluating requirements.