Information Systems Security Officer (ISSO)

Applied Research Associates (ARA), Inc.

has an immediate need for an Early to Mid-Level Information Technology (IT) Professional to serve as an Information Systems Security Officer (ISSO) for the Algorithms, Modeling and Assessments (AMA) division in Arlington, VA.

The candidate will support multiple programs administering the Information Assurance (IA) duties as the ISSO on multiple Information Systems (ISs). The qualified candidate will have 2 - 4 years of previous related IT experience.

The candidate will support multiple programs and will coordinate with the Information System Security Manager (ISSM) for these ISs to ensure the Risk Management Framework (RMF) requirements are implemented, functional, and kept up to date according to System Security Plans (SSPs), 32 CFR Part 117 of the National Industrial Security Program Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), and applicable National Institute of Standards and Technology (NIST) Publications.  Candidates for this position must be a US citizen and reside in the US.

This is an on-site position and does not allow for remote work.

What you’ll do as an ISSO:


* In this position, the ISSO will audit, manage, and maintain systems that adhere to government regulations. 


* Ensure information systems continue to meet compliance requirements. 


* Perform required periodic assessments of existing security controls that protect information systems. 


* Ensure user activity monitoring data is analyzed, stored, and protected in accordance with policies and procedures. 


* Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. 


* Monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks and reporting them as necessary. 


* Ensure audit records are collected, recorded, and analyzed in accordance with the SSP. 


* Ensure configuration management policies and procedures are followed. 


* Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the SSP. 


* Ensure all proper account management documentation is completed. 


* Verify all IS security-related documentation is current and accessible to properly authorized individuals. 


* Support the secure maintenance and continuous monitoring programs. 


* Report required corrective actions for all identified findings and vulnerabilities to the ISSM. 


* Support the ISSM, the System and Network Administrator with the implementation, configuration and maintenance of security controls, the installation of security updates, and the installation, removal, upgrade, and replacement of software or hardware.  


* Provide technical support to end users as needed. 


* Perform and assist end users with file tra...