Information System Security Officer (ISSO)

SRC, Inc.

is currently seeking an Information System Security Officer (ISSO).

This information system security role is based in Chantilly, VA.

What You'll Do


* Provide advice and assistance to the government regarding the application of security policy


* Identify security requirements and provide technical guidance for the satisfaction of requirement


* Ensure validity and accuracy review of all associated security documentation


* Apply knowledge and experience with standard information system security concepts, practices, and procedures


* Support Risk Management Framework (RMF) processes

What You'll Bring


* Must have current TS/SCI security clearance with CI polygraph to start or you will not be consider


* Bachelor's degree in Cyber Security, Information Systems, Network Engineering, or related field with 6+ years' experience, or Master's degree with 4+ years of experience, or no degree with 10+ years' experience.

Relevant experience should be in the fields of information technology security, information systems security, information assurance engineering, performing certification and accreditation testing


* Knowledge of and experience with the RMF process related to ICD 503, NIST 800 series and the Government's certification and accreditation process


* DoD Directive 8140.01 IAM Level 2 Certification (CGRC, CASP, CISM, CISSP, or CCISO)


* Familiarity with conducting research and analysis


* Familiarity with cyber, network and information system security principles and best practices


* Ability to stimulate rapport with military members, civilians, and other contractors at all levels


* Ability to prioritize tasks


* Familiarity with applicable NRO, Intelligence Community (IC), Department of Defense (DoD) policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM)

Ways to Stand Out - Preferred Requirements


* Thorough understanding and application of network security principles, practices, and implementations


* Working knowledge of cross-functional integration of information systems into a physical security environment


* Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers


* Familiarity with detecting and preventing computer security compromises in a networked environment


* Working knowledge of configuration management; system maintenance; and integration testing


* Proficient in the use of tools used to prevent and/or negate malicious code


* Understanding of Commercial off-the-shelf (COTS) tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.)


* Ability to decipher and explain in clear language Intelligence Community Direct...