logo inner

Information Systems Security Officer

Diligent ConsultingNellis Afb, Nevada, United StatesOnsite
This job is no longer open

Position Summary:


Information System Security Officer (ISSO)/Technical Security Requirements. The contractor shall perform the following duties related to Information Assurance/Technical Security IAW DoD JSIG and applicable DoD, DAF, ACC, and 57th Wing applicable AIS security polices and regulations:- Manage, update, and accomplish AIS RMF BOE and BOE associated requirements. Ensure development and implementation of procedures IAW Configuration Management policies and procedures for evaluation of AIS security program.- Perform analysis of network security, based upon RMF JSIG, National Industrial Security Program Operating Manual (NISPOM) Chapter 8, and other sources as added or updated, advise customers on AIS certification and accreditation issues.- Perform AIS risk assessments and make recommendations to customers, 57th Wing Information System Security Manager (ISSM), and System Owner.- Participation in AIS Configuration Control Board.- Advise 57th Wing ISSM and System Owner on security testing methodologies and processes.- Evaluate AIS certification documentation and provide written recommendations for accreditation to 57th Wing ISSM and System Owner.- Review AIS security to accommodate and/or recommend changes to policy or technology.- Evaluate Information Technology (IT) threats and vulnerabilities to determine whether additional safeguards are needed and report these threats or vulnerabilities to 57th Wing ISSM and System Owner.- Develop and maintain a formal Information Systems Security Program.- Recommend changes/updates to the 57th Wing Information Assurance Standard Operating Procedure (IA SOP) to the 57th Wing ISSM when applicable to support unique AIS requirements.- Review and evaluate all certification/accreditation support documentation for proof of acceptable AIS and network security procedures and based upon review, provide written documentation for accreditation to the 57th Wing ISSM, to include External Information Systems (EIS).- Ensure all personnel have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to AIS.- Ensure approved procedures are in place for clearing, purging, declassifying, and releasing system memory, media, and output.- Ensure all accreditation documentation, to include Cyber Program required documentation is loaded to Core File Share IAW 57th Wing IA SOP.- Conduct and coordinate AIS security inspections, tests, and reviews.- Ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within the applicable computer or network system.- Ensure that data ownership and responsibilities are established for each AIS, to include accountability, access rights, and special handling requirements.- Ensure development and implementation of an information security education, training, and awareness program, to include attending, monitoring, and presenting AIS security training.

Manage Media Custodian Training, User Account Training, Annual SAP Security Training, and Data Transfer Training.- Evaluate threats and vulnerabilities to ascertain whether additional safeguards are needed. Manage, track, and install AIS vulnerability patches.- Assess configuration changes in the system, environment, and operational needs that could affect AIS accreditation.- Review existing security documentation to verify documents still accurately represent the system; a re-evaluation of the system vulnerabilities, threat and risk; and complete security test, or subset of the original test that will be conducted.- Conduct periodic testing of the security posture of the information systems as required.

Verify the compliance of the system with the security requirements by demonstrating, inspecting, and analyzing the system’s capabilities and base-line configuration.- Ensure configuration management for security-relevant AIS software, hardware, and firmware is maintained and documented.- Ensure system recovery processes are monitored to ensure security features and procedures are properly restored.- Ensure all AIS security-related documentation is current and accessible to authorized individuals.- Ensure system security requirements are addressed during all phases of the system life cycle.

Develop and manage an AIS End of Support (EOS) program for all AIS and associated equipment/devices. Advise customer onupcoming costs associated with replacing EOS equipment for effective budget. 1.2.1.27. Perform weekly system audits as required on multiple systems; work closely with system administrators and ensure current security measures are sufficient and in compliance with approved policies and processes.-Pe rform account management for all systems and access; tasks include verifying requirements for access and adding/modifying/deleting accounts as required.- Write Request for Approvals (RFA) for equipment and electronic data being used in off-site locations.- Participate in annual self-inspections and Command Compliance Inspections; identify discrepancies and report security incidents as required by the DAA and/or Program Security Officer (PSO).- Maintain a working knowledge of system functions, security safeguards, and operational security measures.- Provide research and analysis in support of expanding programs and areas of responsibility.- Manage Media Control Program to include accountability of magnetic and optical media of all types.- Perform virus and malicious code scanning on all computer media entering the facility.- Perform file transfers between local systems to storage devices.- Manage the disposition and destruction of AIS, at all classification levels, and supported devices/peripherals IAW DoD policies.- Inspect incoming equipment to ensure what was ordered; inspect outgoing equipment for classified markings and for any non-volatile storage devices.

This job is no longer open

Life at Diligent Consulting

Diligent Consulting Inc is an IT services provider delivering high quality solutions in Enterprise Architecture, Legacy System Revitalization & Transformation, Application Development, Cyber Security and Professional Services. We are appraised at CMMI Maturity Level 3 and ISO 9001:2008. Diligent is a Service Disabled Veteran Owned Small Business. We are proud to have been awarded a prime contract under NETCENTS-2 Application Services, Small Business. We uphold the values of integrity and professionalism and are grounded in an overriding dedication to apply the right skills to support our customer's mission. The Diligent team has an ideal combination of experience and leadership to provide complete IT lifecycle services with the ability to quickly understand, master, and exploit new technologies and tools helping customers solve specific mission challenges. We strive to have a positive impact upon the communities in which we live and work. Read more about us at Diligent's website.
Thrive Here & What We Value1. Collaborative & Innovative Environment2. Emphasis on Continuous Learning & Improvement3. Opportunities for professional growth and development4. Focus on Delivering High-Quality Products5. Strong Teamwork & Camaraderie
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2024