Wood Consulting Information Systems Security Officer, Level 2 in Laurel, Maryland
Provides support for a program, organization, system, or enclave’s information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Supports security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP).
Serves as an Information Systems Security Manager (ISSM).
Provides daily oversight and direction to contractor ISSOs.
Interacts with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives.
Assists with the CM for information system security software, hardware, and firmware.
Assists with preparation and maintenance of documentation.
Maintains records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.
Evaluates security solutions to ensure they meet security requirements for processing classified information.
Proposes, coordinates, implements, and enforces information systems security policies, standards, and methodologies.
Maintains operational security posture for an information system (IS) or program.
Develops and maintains documentation for C&A in accordance with ODNI and DoD policies.
Develops and updates the SSP and other IA documentation.
Provides CM for security-relevant information system software, hardware, and firmware.
Assists with the management of security aspects of the IS and performs day-to-day security operations of the system.
Develops system security policy and ensures compliance.
Administers the user identification and authentication mechanism of the IS.
Plans and coordinates the IT security programs and policies.
Manages and controls changes to the system and assessing the security impact of those changes.
Obtains C&A for ISs under their purview.
Provides support for a program, organization, system, or enclave’s IA program.
Serves as the Approval Authority for ISs under their control.
Active Top Secret Clearance with polygraph required
Fifteen (15) years’ experience as an ISSO on programs and contracts of similar scope, type, and complexity is required.
Experience is to include at least three (3) of the following areas: Knowledge of current security tools, hardware/software security implementation; communication protocols; and encryption techniques/tools.
Bachelor’s degree in a Computer Science or related discipline from an accredited college or university.
Four (4) years of ISSO experience may be substituted for a Bachelor’s degree
Contractor shall currently possess and maintain one of the following certifications:
International Information Systems Security Certifications Consortium (ISC)2 – Certification Authorization Professional (CAP)
Global Information Assurance Certification (GIAC) Security Leadership Certificate (GSLC)
CompTIA – Security+
Information Systems Audit and Control Association (ISACA) – Certified Information Security Manager (CISM)
CompTIA - Advanced Security Practitioner (CASP)
(ISC)2 – Certified Information Systems Security Professional (CISSP)
An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
External Company Name: WOOD Consulting Services
External Company URL: www.woodcons.com