Qualified candidates should have extensive knowledge and experience with:
Information Systems Security Officer (ISSO) Support.
a. Ensure the successful execution of all certification and accreditation activities within the assigned technical department.
b. Ensure certification and accreditation support documentation packages for systems within the assigned technical department are developed, maintained, and updated as required.
c. Serve as member of the Configuration Control Board (CCB) for accredited information systems within the assigned technical department.
d. Conduct periodic reviews to ensure compliance with the authority to operate (ATO) and PIT Risk Approval (PRA) letters issued by the Designated Accrediting Authority (DAA).
e. Perform annual reviews in accordance with FISMA requirements and update DITPR-DON, DADMS, and all associated artifacts for systems and programs within the assigned technical department to ensure compliance and accurate reporting.
f. Develop a deep understanding of the customer's mission and capabilities as well as the environments and resources required to support them.
g. Ensure integration with customer requirements and policies to leverage lessons learned for the efficient delivery of technical solutions.
h. Work with the customer ITC to tailor the delivery of Cyber Security Program elements to ensure effective dissemination and implementation within the assigned technical department.
i. Meet with the customer Information Technology Coordinator (ITC) regularly to ensure service level expectations are being met, communicate emergent issues, discuss policy changes, and identify areas for improvement.
j. Ensure information systems are operated, used, maintained, and disposed of in accordance with security policies and practices.
k. Report cyber security events / potential incidents to the Command ISSM in accordance with the customer policy and procedures.
l. Report Electronic Spillage (ES) of classified information in accordance with the customer policy and procedures.
m. Review Media Transfer Agent (MTA) appointments no less than quarterly and advise the customer ISSM on activity levels and resource requirements.
n. Audit MTA transfer logs monthly to ensure compliance with local policy and CTO requirements; report non-compliance and policy violation to the customer ISSM.
o. Follow procedures developed by the customer ISSM, in accordance with configuration management policies and practices, for authorizing software use prior to its implementation on information systems. Changes or modifications to hardware, software, or firmware of information systems that affect the security posture of the system or network must be coordinated with the customer ISSM prior to implementation.
p. Support the customer information assurance vulnerability management (IAVM) program requirements and ensure assets are STIG'd, patched, and maintained in compliance with the customer IAVM Program.
q. Enforce the customer and higher authority CS policies; effectively communicate them to the customer users and immediately report policy violations to the ISSM. Assist, as directed, in adjudication and resolution of policy violations.
r. Interpret the customer CS policies and procedures and advise the assigned technical Department on applicability and intent to ensure compliance.
s. Coordinate with the ITC to develop strategic planning initiatives within the customer for the delivery of CS solutions.
t. Assist the ITC to ensure compliance with annual CS Awareness Training within the customer.
u. Work with system owners and administrators to determine requirements for, and complete, IT security exception requests as required.
v. Manage Alt Tokens, and the requirements for them, in both the RDT&E and NMCI environments.
w. Maintain access to SIPRNET resources and check NCDOC regularly for CTOs and CS Program announcements.
x. Assist the ITC in response to data calls associated with CS program elements.
y. Ensure audit readiness and execute activities necessary to prepare for Division inspections of the CS program.
CASP or CAP or Security Plus or SSCP, Program Management Professional (PgMP)
Associate Degree from accredited University or CNSSI 4011/4012 Certificate
NEC-2779 or 2780 or 2781, CYBR2400, NETW4001, SSC- 6201-6206, AQD- GA1-9
US CITIZENSHIP, DoD SECRET SECURITY CLEARANCE REQUIRED
EHS Technologies Corporation is an Affirmative Action/Equal Opportunity Employer