Senior Information System Security Officer

Job Description

As a Senior Information Systems Security Officer, you will be responsible for safeguarding an organization's computer networks and systems to the highest standards. The primary focus is ensuring data security, integrity, and confidentiality within these systems. Responsibilities of this role include:

• Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
• Analyzes architecture and system functionality for multiple technologies.
• Contributes to the development and evaluation of attack scenarios.
• Prepares and delivers technical reports and briefings.
• Has a complete understanding of Risk Management Framework and how to implement the process on program systems/networks.
• Performs, or reviews, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies.
• Validates and verifies system security requirements definitions and analysis and establishes system security designs.
• Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions.
• Supports the building of security architectures.
• Enforces the design and implementation of trusted relations among external systems and architectures.
• Assess' and mitigates system security threats/risks throughout the program life cycle.
• Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
• Reviews certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.
• Performs system installation, configuration, maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems.
• Performs limited penetration testing and routine exploit analysis.
• Performs system or network designs that encompass multiple enclaves, to include those with differing data protection/classification requirements.
• Recommends system-level solutions to resolve security requirements.
• Supports the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures.

Required Skills and Qualifications

• Working with the application leads, sysadmins, DBAs, developers, and testers to ensure the assigned systems are security compliant and achieve/maintain ATO.
• Active Top Secret/SCI Clearance with a Polygraph
• Loading artifacts such as STIG checklists and ACAS scans.
• Helping to implement STIG checklists and mitigate scan findings.
• Answering questions to ensure systems are developed with security compliance built in.
• Supporting security assessment events and responding to all questions from PAT team, ISSMs and SCA

Desired Skills

• Experience working with Xacta.

Education and Experience

• 14 years of professional experience with a Bachelor's degree or equivalent.
• 12 years of professional experience with a Master's degree or equivalent.
• 10 years of professional experience with a PhD or equivalent.
• Additional experience will be considered in lieu of a degree.