top of page

Information System Security Officer (ISSO)

Job Title:  Information System Security Officer (ISSO)

Job Location:  Joint Base Andrews, MD

Security Clearance: Active, in-scope US Government issued Top Secret clearance the ability to obtain SCI eligibility 

 

Job Responsibilities:

C3EL is seeking an innovative and highly-driven individual to join our team as an Information System Security Officer

 

  • Responsible for ensuring appropriate operational security posture is maintained.

  • Implement and enforce all Air Force cybersecurity policies, procedures, and countermeasures.

  • Maintain all authorized user access control documentation IAW applicable AF Records Information Management System (AFRIMS).

  • Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)).

  • Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.

  • Coordinate changes or modifications with the Information System Security Manager (ISSM) and/or the Security Control Assessor (SCA).

  • Initiate exceptions, deviations, or waivers to cybersecurity requirements.

  • Assist the ISSM in meeting duties and responsibilities.

  • Implement and enforce all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation.

  • Ensure all users have requisite security clearances and access authorization.

  • Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities.

  • Ensure all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals.

  • Implement the Risk Management Framework (RMF) across multiple programs in accordance with the National Institute of Standards and Technology (NIST) and Air Force policy and directives.

  • Develop artifacts and supporting evidence to satisfy all applicable RMF Controls and corresponding Control Correlation Identifiers (CCI’s).

  • Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks.

  • Manage system authorization packages and ATO’s using Enterprise Mission Assurance Support Service (eMASS).

 

Minimum Qualifications:

  • A current DoD 8570 IAM Level II certification (CAP, CASP CE, CISM, CISSP, GSLC) is required.

  • Active, in-scope US Government issued Top Secret clearance the ability to obtain SCI eligibility 

  • Due to the nature of the work and contract requirements, US Citizenship is required.

 

Desired Qualifications:

  • IAM Level III Certification (CISM, CISSP, GSLC).

  • Five years direct experience in the last seven years.

  • Functional knowledge of DoD and Air Force cyber policies and directives.

  • Knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications.

  • Experience creating DOD RMF packages and associated work products and managing them through the program lifecycle.

  • Familiar with eMASS and associated workflows.

  • Familiarity with the coalition and multi-national information sharing systems, policies, and environments.

  • Experience with the Cross Domain Solution (CDS) authorization process.

 

Education:

  • Bachelor's Degree in a related discipline (e.g. Computer Science, Computer Information Systems, Math, Engineering).

  • With at least fifteen years of general experience of which ten years is directly related experience, a degree is not required.

bottom of page