Information Systems Security Officer (ISSO)
Arlington, Virginia, United States
Full Time | Mid-level / Intermediate | Clearance required | USD 77K - 163K *
ARA
ARA is globally recognized for applying technically-excellent, in-depth and diversified research, engineering, and technical support services to provide answers to complex and challenging problems in the physical sciences. We approach every...
Applied Research Associates (ARA), Inc. has an immediate need for an Early to Mid-Level Information Technology (IT) Professional to serve as an Information Systems Security Officer (ISSO) for the Algorithms, Modeling and Assessments (AMA) division in Arlington, VA. The candidate will support multiple programs administering the Information Assurance (IA) duties as the ISSO on multiple Information Systems (ISs). The qualified candidate will have 2 - 4 years of previous related IT experience. The candidate will support multiple programs and will coordinate with the Information System Security Manager (ISSM) for these ISs to ensure the Risk Management Framework (RMF) requirements are implemented, functional, and kept up to date according to System Security Plans (SSPs), 32 CFR Part 117 of the National Industrial Security Program Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), and applicable National Institute of Standards and Technology (NIST) Publications. Candidates for this position must be a US citizen and reside in the US. This is an on-site position and does not allow for remote work.
What you’ll do as an ISSO:
- In this position, the ISSO will audit, manage, and maintain systems that adhere to government regulations.
- Ensure information systems continue to meet compliance requirements.
- Perform required periodic assessments of existing security controls that protect information systems.
- Ensure user activity monitoring data is analyzed, stored, and protected in accordance with policies and procedures.
- Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
- Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks and report them as necessary.
- Ensure audit records are collected, recorded, and analyzed in accordance with the SSP.
- Ensure configuration management policies and procedures are followed.
- Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the SSP.
- Ensure all proper account management documentation is completed.
- Verify all IS security-related documentation is current and accessible to properly authorized individuals.
- Support the secure maintenance and continuous monitoring programs.
- Report required corrective actions for all identified findings and vulnerabilities to the ISSM.
- Support the ISSM and the System and Network Administrator with the implementation, configuration and maintenance of security controls, the installation of security updates, and the installation, removal, upgrade, and replacement of software or hardware.
- Provide technical support to end users as needed.
- Perform and assist end users with file transfers per the Assured File Transfer (AFT) procedure.
- Assist in ensuring compliance with the 32 CFR Part 117 of the NISPOM, DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, and Security Technical Implementation Guides (STIGs).
- Assist the ISSM with implementing and auditing physical and technical security controls to protect the information systems and with performing the continuous monitoring requirements of information systems in a secure government environment.
- Perform other duties as assigned by the ISSM.
ISSO Position Requirements:
- Bachelor’s Degree with 2-4 years of experience or 8-10 years of related experience without a degree.
- U.S. citizenship is required, and the candidate must be eligible for a Security Clearance based on a Tier 5 investigation
- Possess a DoD 8570 IAM-I level professional certification (e.g., Security+)
- Have a strong understanding of computer operating systems (Windows and Linux), software and computer hardware
- Have the ability to configure laptops/desktops/servers, install applications, set up network infrastructure and troubleshoot as required
- Possess working knowledge of and experience with Cisco routers, firewalls and switches
- Highest degree of personal and professional integrity and ethics
- Strong organizational and administrative skills
- Proficient with Microsoft (e.g., Word, Excel, PowerPoint, and Outlook)
- Strong interpersonal skills working with all levels of staff and customers
- Ability to work independently and exercise good judgment
- Strong written and verbal communication skills
- Maintain and adhere to a high level of confidentiality
- Possess the ability to multitask, prioritize workload, and be flexible
- Possess the ability to learn new systems and procedures quickly
ISSO Position Preferences:
- Proficient in Information Assurance (IA) Security specifications such as RMF and NIST Special Publication 800-53
- Experience with security assessment/hardening tools (e.g., STIGs, Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), etc.)
- Cisco Certification
Applied Research Associates, Inc. is an employee-owned international research and engineering company recognized for providing technically superior solutions to complex and challenging problems in the physical sciences. The company, founded in Albuquerque, NM, in 1979, currently employs over 2128 professionals. ARA offices throughout the United States and Canada provide a broad range of technical expertise in defense technologies, civil technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement. The corporation also provides sophisticated technical products for environmental site characterization, pavement analysis, and robotics.
At ARA, employees are our greatest assets. The corporation realizes that employee ownership spawns greater creativity and initiative along with higher performance and customer satisfaction levels. ARA gives its employees the tools, training, and opportunities to take more active roles as owners. The culture is challenging; innovation and experimentation are the norm. Employees are eligible for contributions which not only add to the company’s success, but also their own through the Employee Stock Ownership Plan (ESOP). The motto, “Engineering and Science for Fun and Profit” sums up the ARA experience. For additional information and an opportunity to join this unique workplace, please visit our website at www.ara.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ACAS Audits Automation Clearance Compliance DAAPM DoD DoDD 8570 Firewalls IAM Industrial Linux Monitoring NISPOM NIST NIST 800-53 Risk management RMF SCAP Security assessment Security Clearance STIGs System Security Plan Vulnerabilities Windows
Perks/benefits: Flex hours Gear