Information System Security Officer - Dunhill Professional Search

Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate high level data and cyber security risks. Designs, tests and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design.

• Familiar with and applies knowledge of National level Security Policies to include: Intelligence Community Directive (ICD) 503, National Institute of Standards and Technology (NIST) 800 Series.
• Familiar with and applies knowledge of Roles and responsibilities of the Information Technology (IT) Security Manager/Information System Security Manager (ISSM) for maintaining the appropriate operational security posture.
• Prepares and maintains Certification and Authorization (C&A) documentation.
• Maintains the operational security posture for an information system.
• Interacts with Customers, Information Technology (IT) Staff, Information System Security Manager (ISSM), Information Owner, Information System Owner, and Designated Authorizing Official (DAO) in written and verbal communications.
• Performs assigned tasks in a timely manner within an unsupervised environment.
• Familiar with and applies knowledge of National level Security Policies to include: Committee on National Security Systems (CNSS) 1253.
• Support the Information System Security Manager (ISSM) for maintaining the appropriate operational Information Assurance (IA) posture.
• Effectively use of COTs/GOTs Enterprise Security tools in support of continuous monitoring.
• Interacts with additional resources including Security Control Assessor (SCA) and Information System Security Engineer (ISSE) in written and verbal communications.
• Enforce the Information Security Policies, Standards, and methodologies which includes the following NIST control families: Access Control, Audit and Accountability, Configuration Management and Incident Response.
• Participates in Configuration Management process (software, hardware and firmware). Manage and control changes to the system and assessing the security impact of these changes.
• Evaluates technical solutions to ensure compliance with security requirements and controls.
• Plan and coordinate IT security programs and policies.
• Manage and control changes to the system and assess the security impact of those changes.
• Obtain C&A for ISs under their purview.
• Provide support for a program, organization, system, or enclave's information assurance program.

Minimum Qualifications

• Bachelor's Degree in Computer Science or a related field or equivalent experience; Advanced Degree preferred.
• 4+ years of work experience in any combination of: System Administrator (SA), Information System Security Officer (ISSO), Information System Security Engineer (ISSE), Information Technology (IT) Service Desk, Computer Network Defense (CND) Analyst, Telecommunication Technician, and Network Administration.

Clearance Level

• TS/SCI w/FS Poly

Required Certification

• Must possess one of the following certifications: CAP; CND; Cloud+; GSLC; Security+ CE; or HCISPP.

Other Job Specific Skills

• Must be able to communicate effectively and clearly present technical approaches and findings.
• Exercises considerable latitude in determining technical objectives of assignments.
• Excellent attention to detail.
• Must be able to balance multiple tasks simultaneously.
• Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.
• May interface with external entities including law enforcement, and intelligence/government agencies.
• Exercises considerable latitude in determining technical objectives of assignment.

#cjpost