Information Systems Security Officer

Diligent Consulting | Nellis AFB, Nevada, United States | Onsite
This job is no longer open

Position Requirements


The ISSO will fulfill the following duties concerning Information Assurance and Technical Security, in accordance with DoD JSIG and relevant policies from DoD, DAF, ACC, and the 57th Wing:


  • Management of AIS RMF Requirements: Oversee and implement the Risk Management Framework (RMF) Basis of Evidence (BOE) requirements. Develop and execute procedures in line with Configuration Management policies for evaluating the AIS security program.

  • Network Security Analysis: Analyze network security in accordance with RMF JSIG, NISPOM Chapter 8, and other relevant guidelines. Provide advice to clients on AIS certification and accreditation issues.

  • Risk Assessments: Conduct AIS risk assessments and offer recommendations to the 57th Wing Information System Security Manager (ISSM) and System Owners.

  • Configuration Control Board Participation: Actively participate in the AIS Configuration Control Board.

  • Security Testing Advisory: Advise the 57th Wing ISSM and System Owners on security testing methodologies and processes.

  • Certification Documentation Evaluation: Review AIS certification documents and deliver written recommendations for accreditation to the 57th Wing ISSM and System Owners.

  • Policy Review and Recommendations: Assess AIS security to recommend necessary changes in policy or technology.

  • Threat and Vulnerability Evaluation: Analyze IT threats and vulnerabilities to determine the need for additional safeguards, reporting findings to the 57th Wing ISSM and System Owners.

  • Information Systems Security Program Development: Establish and maintain a formal Information Systems Security Program.

  • SOP Recommendations: Suggest updates to the 57th Wing Information Assurance Standard Operating Procedure (IA SOP) to support specific AIS requirements.

  • Documentation Review for Accreditation: Review and assess all certification/accreditation documentation for compliance with AIS and network security procedures, providing written documentation for accreditation to the 57th Wing ISSM, including External Information Systems (EIS).

  • Personnel Security Clearance Management: Ensure all personnel possess the necessary security clearances, authorizations, and awareness of their security responsibilities before granting AIS access.

  • Data Clearing Procedures: Implement approved procedures for clearing, purging, declassifying, and releasing system memory, media, and output.

  • Accreditation Documentation Management: Ensure all accreditation documentation, including required Cyber Program documentation, is uploaded to Core File Share per the 57th Wing IA SOP.

  • Security Inspections and Testing: Conduct and coordinate AIS security inspections, tests, and reviews.

  • Incident Response and Corrective Measures: Ensure appropriate actions are taken when incidents or vulnerabilities are identified within computer or network systems.

  • Data Ownership Responsibilities: Establish data ownership, accountability, access rights, and special handling requirements for each AIS.

  • Security Training and Awareness Program: Develop and implement an information security education and training program, including AIS security training sessions. Manage Media Custodian Training, User Account Training, Annual SAP Security Training, and Data Transfer Training.

  • Vulnerability Management: Evaluate threats and vulnerabilities to determine if additional safeguards are necessary. Track and install AIS vulnerability patches.

  • Configuration Change Assessment: Assess configuration changes affecting AIS accreditation, considering system, environmental, and operational impacts.

  • Security Documentation Verification: Review existing security documentation to ensure accuracy and relevance, re-evaluating system vulnerabilities, threats, and risks, and conducting necessary security tests.

  • Periodic Security Testing: Conduct regular testing of the information systems’ security posture, verifying compliance with security requirements through system inspections and analysis.

  • Configuration Management Maintenance: Maintain and document configuration management for security-relevant AIS software, hardware, and firmware.

  • System Recovery Monitoring: Monitor system recovery processes to ensure security features and procedures are effectively restored.

  • Documentation Accessibility: Ensure that all AIS security-related documentation is current and accessible to authorized personnel.

  • Lifecycle Security Requirements: Address security requirements during all phases of the system lifecycle. Develop and manage an AIS End of Support (EOS) program for all AIS and associated equipment, advising customers on upcoming replacement costs for effective budgeting.

  • Weekly System Audits: Conduct weekly system audits across multiple systems, collaborating with system administrators to ensure current security measures are adequate and compliant with policies.

  • Account Management: Oversee account management for all systems, including access verification and account modifications as needed.

  • Request for Approvals: Write Requests for Approvals (RFA) for equipment and electronic data used in off-site locations.

  • Self-Inspections Participation: Participate in annual self-inspections and Command Compliance Inspections, identifying discrepancies and reporting security incidents as required by the DAA and/or Program Security Officer (PSO).

  • Knowledge Maintenance: Maintain a thorough understanding of system functions, security safeguards, and operational security measures.

  • Research and Analysis Support: Provide research and analysis to support the expansion of programs and areas of responsibility.

  • Media Control Program Management: Manage the Media Control Program, ensuring accountability for all types of magnetic and optical media.

  • Virus Scanning: Conduct virus and malicious code scanning on all computer media entering the facility.

  • File Transfer Management: Oversee file transfers between local systems and storage devices.

  • AIS Disposition Management: Manage the disposition and destruction of AIS, at all classification levels, and associated devices/peripherals according to DoD policies.

  • Equipment Inspection: Inspect incoming equipment for accuracy against orders and outgoing equipment for classified markings and non-volatile storage devices.

CLEARANCE REQUIREMENTS


Top Secret/SCI

Life at Diligent Consulting

Diligent Consulting Inc is an IT services provider delivering high quality solutions in Enterprise Architecture, Legacy System Revitalization & Transformation, Application Development, Cyber Security and Professional Services. We are appraised at CMMI Maturity Level 3 and ISO 9001:2008. Diligent is a Service Disabled Veteran Owned Small Business. We are proud to have been awarded a prime contract under NETCENTS-2 Application Services, Small Business. We uphold the values of integrity and professionalism and are grounded in an overriding dedication to apply the right skills to support our customer's mission. The Diligent team has an ideal combination of experience and leadership to provide complete IT lifecycle services with the ability to quickly understand, master, and exploit new technologies and tools helping customers solve specific mission challenges. We strive to have a positive impact upon the communities in which we live and work. Read more about us at Diligent's website.
Thrive Here & What We Value

1. Collaborative & Innovative Environment
2. Emphasis on Continuous Learning & Improvement
3. Opportunities for professional growth and development
4. Focus on Delivering High-Quality Products
5. Strong Teamwork & Camaraderie