Information Systems Security Officer

Requirements:

• Willingness to submit to a Counterintelligence polygraph.
• Successful experience with system hardening configuration testing, continuous monitoring, and scanning using any of the following tools: SCAP, Nessus, Snort, Splunk policies and related Provide engineering solutions for all RMF accreditations throughout the entire systems/product lifecycle.
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational protective measures.
• Recent experience implementing the Intelligence Community Directive (ICD) 503 and Risk Management Framework (RMF) principles, Assessment & Accreditation lifecycle, National Institute of Standards and Technology (NIST) Special Publications including 800-53, Federal Information Processing Standard (FIPS) Publications 199 & 200, and Defense Security Service (DSS) processes including Office of the Designated Approving Authority (ODAA) Business Management System (OBMS) web-based system.
• Knowledge of security concepts and best practices such as defense in-depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
• Strong technical and social skills providing accountability and day-to-day support in ensuring classified automated information systems (AIS) are protected and operated in accordance with governing manuals.

Preferred Requirements:

• DoD 8140 IAT III or IAM II Compliant: CompTIA, ISACA, (ISC)2, or GIAC certification.
• Experience with Government, Risk and Compliance (GRC) tools such as Telos Xacta IA Manager, eMASS, or Trusted Agent FISMA(TAF).
• Experience and knowledge of using Security Information and Event Management (SIEM) tools including; Splunk ES to analyze relevant security events and alerts.