Senior Information Systems Security Officer

SAIC
Andover, MA
29 May 2024

Vacancy expired!

Job ID: 2306751

Location: ANDOVER, MA, US

Date Posted: 2023-05-10

Category: Cyber

Subcategory: Cybersecurity Spec

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: Secret

Clearance Level Must Be Able to Obtain: TS/SCI

Potential for Remote Work: No

Description SAIC is seeking an Information Systems Security Officer (ISSO) in our Andover, Massachusetts facility while also supporting our Hanscom AFB deployment. The ISSO provides oversight, guidance, and technical support, on IT and information system security issues affecting the mission of the customer by implementing common information system security practices, policies and technologies. Candidate will interface with multiple government agencies within both the DoD and IC. Additionally, candidate requires an understanding of Contractor Program Security functions, responsibilities, and disciplines that make up a strong Security Program. Primary Responsibilities:
  • Maintain operational security posture for programs and information systems in support of a closed, classified Special Access program multi-disciplinary environment.
  • Information Security interface to government customer Designated Accrediting Authorities across the DoD and Intelligence Communities.
  • Support and track Customer security authorization activities.
  • Perform vulnerability/risk assessment analysis to support authorization and accreditation.
  • Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Authorization and Accreditation (A&A) packages, and Security Controls Traceability Matrices (SCTMs).
  • Perform vulnerability/risk assessments.
  • Conduct periodic reviews and evaluations of required IS policies and procedures.
  • Support IS Security Inspections, tests, and reviews.
  • Support and maintain the IS Continuous Monitoring Plan. Process hardware and software change requests, and conduct software due diligence.
  • Review audit logs for all production systems leveraging the Splunk SIEM tool.
  • Perform weekly Anti-virus updates and monitoring
  • Perform quarterly SCAP scans of all systems.
  • Maintain Systems data, update POAMs, BOEs, for current ATO in eMASS
  • Assist in remediating/mitigating system vulnerabilities.
  • Prioritize, document, and measure risk associated with maintain system security.
  • Be able and willing to work in a small team environment.
  • Support Second tier facility on call requirements.
Qualifications

Required:
  • Bachelor's degree and five (5) years of experience or equivalent in work experience
  • 5 years of experience and required certifications in lieu of degree
  • Candidate must have at least 3 years' experience as an ISSO
  • Valid Security+ CE Certification. Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technical Level 2
  • Must have a current SSBI with TS/SCI eligibility.
  • Experience with the Risk Management Framework (RMF) process
  • Familiarity with Program Security responsibilities to include but not limited to: OPSEC, Program Protection, Personnel Security clearances, Security Training and Education, Classification management
  • Manage and oversee system General and Privileged User program
  • In depth knowledge of network and information system security principles and test practices
  • Previous experience controlling, labeling, virus scanning, and appropriately transferring data (upload/download) between information systems at varying classification levels
  • Familiarity with applicable IC and DoD policies, procedures and operating instructions related to IT, IA and IM.
  • Experience with ICD 503, NIST Special Publications, Intel Community Directives, DoD Issuances, etc.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.