Chiron Technology Services, Inc. currently has an Information System Security Officer I career opportunity in the Annapolis Junction, MD area. An active TS/SCI w/Polygraph Clearance is required for this position.
Requirements:
Minimum 5 continuous years of work experience in Information Systems Security or a related field.Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university. Four (4) years of additional ISSO experience may be substituted for a Bachelor's degree.Qualifications:
Conduct continuous monitoring of authorized, operational information systems (IS) to assess the effectiveness of security controls in an information system, on an ongoing basis, to determine system security status, which includes:
Conducting configuration management and assist the Government with the control of information system components
Providing security impact analyses of changes to a system or its environment of operation
Conducting ongoing assessments of security controls
Recommend security policies to the Government; execute technical security safeguards and operation security measures
Access data, control information, software, hardware, and firmware
Complete and maintain documentation for Security Authorization of each IS
Update System Security Plans (SSPs) each time the posture (e.g., hardware and software) of an IS is modified; if the modification(s) trigger a reauthorization, the contractor shall review and update all documentation for Security Authorization
Assist the Government in determining how modifications and/or introduction of new technology will impact the performance and security of their system(s)
Obtain Security Authorization for ISS; operate and maintain authorized ISS in accordance with the approved SSP
Provide recommendations to the Government concerning NSA/CSS authorized users access to the ISS; inspect for appropriate clearances, indoctrinations, and validate need-to-know for information
Determine whether all remote and network connections meet or exceed the ISS requirements of the IS; report findings to the Government
Administer the user identification and authentication mechanisms of the IS; when direct control of these mechanisms is not feasible, coordinate with the Government to recommend a manner in which the mechanisms can be used most effectively
Remove user accounts once access to the IS is no longer required
Obtain proper approvals and follow proper purging procedures when storage devices or other components capable of storing data are prepared for release
Identify the appropriate color-coded classification and monitoring label stickers on all computer monitors and CPU unit/containers
Provide the Government, in writing, any security weaknesses identified
Recommend security improvements for the IS
Assist the Government in applying physical and operational procedures to prevent a compromise of IS security, or negation of its Security Authorization
Review the IS security audit documents in accordance with NSA/CSS policy and procedures
Immediately report all security incidents involving ISs in accordance with NSA/CSS policies and procedures for computer security incidents
Advise authorized users of security features and procedures used on the IS
Assist the Government to ensure that maintenance personnel are granted only those privileges required to perform their job
Use configuration management to maintain and protect the security posture of the IS; coordinate all changes to the operating systems software or applications software with the Government
In coordination with the Government, participate in configuration control board activities
Maintain records on ISs, outlining required patches/system upgrades that have been accomplished throughout an IS' s life cycle
In the Government's internal tracking system, maintain records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and telephony equipment; include in the records: POC, action taken (referencing any IAVA, CERTs involved), and date action completed
Assist the Government with implementing and managing the Information Assurance (IA) Program
Track and report organizational trends in the XACTA Information Assurance Manager (XIAM) Tool with regard to the security posture of systems, and work with the Government to resolve deficiencies or problems
Assist the Government in managing common control families, as defined in CNSS Instruction No. 1253, dated October 2009
Provide guidance/recommendations to the Government on IA best practices and procedures, compliant with the Risk Management Framework
Serve as the IA liaison to the Government
Work with the NSA Information Security Incident Response Team (NISIRT) and oversee resolution of computer security incidents and vulnerability compliance
Assist the Government in the development and review of Intelligence Community (IC) and NSA/CSS policy
Provide IA Workforce Improvement Program (IAWIP) support for the Government
Provide communications support on non-system specific OISS plans, policies, or procedures
Provide the Government assistance with special interest security activities
Review and provide recommendations for cross-domain transfers
Provide and evolve the existing Information System Security Officer (ISSO) Registration Tool in order to 1) qualify ISSOs based on experience level, skill sets, and certifications; 2) provide a fully qualified ISSO workforce that is registered, ISSO compliant, and validated with continually improving skill sets; 3) provide Information and System Security Risk Management, TS3 Management, an assessment tool to make decisions based on the ISSO workforce demographics, in order to enable effective global problem solving, logically and physically.
As needed, respond to off duty calls for assistance with broken or non-functioning IS
We are an EEO/AA Employer. We do not discriminate in hiring on the basis of race, color, national origin, sex, gender identity, sexual orientation, religion, age, disability, protected veteran status, or any other characteristic protected by federal, state or local law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at careers@chirontech.com, let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.