Information Systems Security Officer (ISSO)

Applied Research Associates (ARA), Inc.

has an immediate need for an experienced Information Systems Security Officer (ISSO) for the Integrated Missions System Sector in Raleigh, NC.

The ISSO will support the Information System Security Manager (ISSM) to ensure the appropriate operational security posture is maintained for multiple information systems and secure networks.

The ISSO will continuously monitor that each system or network meets the Risk Management Framework (RMF) requirements and are kept up to date according to System Security Plans, the DAAPM/NISPOM, and applicable NIST Publications.

In this position, the ISSO will build, configure and maintain systems that adhere to a collective of different government regulations.

What you'll do as an ISSO:



* Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures


* Generate and maintain required IS security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&M), equipment specifications, practices and procedures


* Maintain day-to-day security posture and continuous monitoring of various classified systems


* Assist in ensuring compliance with the DCSA Assessment and Authorization Process Manual (DAAPM), Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs), and Security Technical Implementation Guides (STIGs)


* Schedule, perform and maintain records of required IS auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements


* Develop and conduct test procedures for verification of Assessment and Authorization (A&A) & Risk Management Framework (RMF) safeguards to meet customer requirements based upon NISPOM, DAAPM and related NIST publications


* Assess changes to an IS by performing periodic self-inspections, tests and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities


* Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures.

Coordinate with Facility Security Officer (FSO) and Program Security Officers (PSO) to define, implement and maintain information security policies, strategies, and procedures


* Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents


* Assist ISSM with the development, documentation, and presentation of classified IS security education, awareness, and training activities


* Assist the ISSM with preparation for Defense Counterintelligence and Security Agency (DC...