Information System Security Officer (ISSO)

Information System Security Officer

XVIII ABC Hub and Spoke MTCs provide individual and collective training on Army Mission Command Systems, using a variety of tools and Army fielded systems. These systems are used to support Small Unit Training: Squads through Company, Medium Unit Training: Battalion through Brigade, and Large Unit Training: Divisions and Corps in training environments ranging from Stability and Support Operations (SSO) through Unified Land Operations (ULO).

HOW AN INFORMATION SYSTEM SECURITY OFFICER (ISSO) WILL MAKE AN IMPACT:

• Coordinates directly with the Government ISSM, contractor ISSO-N, and Network Engineer to ensure the appropriate operational security posture is maintained and documented for MTC information systems.
• Responsible for defining & implementing SOPs; implementing DoD, Department of the Army (DA), & MTC policies; creating & implementing plans of action and milestones (POA&M) in response to vulnerabilities identified during risk assessments, audits, & inspections.
• Assures successful implementation and functionality of security requirements and appropriate IT policies/procedures that are consistent with the organization’s mission and goals.
• Participates in special projects and performs additional duties as required to support customer requirements.

WHAT YOU’LL NEED TO SUCCEED:

• Education: HS Diploma
• Experience: 4-8 years’ experience
• Required Technical Experience:
  • In-depth knowledge of NIST, DoD, and DoA Cybersecurity and RMF policies, directives, instructions, manuals, and best business practices: NIST 800-53, FIPS 140-3/199/200/201, DHS 4300A SSA, RMF 2.0.  
  • Must be well versed in Windows client OS, Windows Server 2019, Microsoft SQL 2019/2022, and Red Hat Enterprise Linux 7/8 with emphasis on AGM images.
  • Must be experienced with DA/NETCOM Risk Management Framework, particularly RMF 2.0; DISA Security Technical Implementation Guide (STIG) process; Assured Compliance Assessment Solution (ACAS) administration and vulnerability scanning: Tenable.SC security umbrella including Nessus Vulnerability Scanner and Nessus Network Monitor (NNM); Trellix ePolicy Orchestration (ePO) (ESS/ENS/HBSS) administration; domain administration to include active directory management, group policy object administration, client/host registry administration; experience with hypervisor and virtual machines, particularly VMware ESXi/vSphere/vCenter 6.7 or higher; familiarity with Microsoft Internet Information Services (IIS) and utilization of SolarWinds network management suite or similar network monitoring solution; and Microsoft SQL 2019/2022 database administration.   
  • Experience with DoD/DA IAVM tracking, reporting, and implementation of cybersecurity best practices on formulating remediation guidance for supported platforms is also required. Provides oversight of RMF technicians, audits RMF technician actions, performs log collection and analysis in support of site security operations, and possess knowledge of the DoD/DoA Authority to Operate (ATO) / Authority to Connect (ATC) process and regulations.
  • Must be experienced with analyzing network security architectures and network design data flow diagrams that provide port, protocol, and service details. Experience with Cisco network equipment is preferred: including but not limited to: Cisco switches, routers, and Unified Call Manager. 
  • Position requires general knowledge and diagnostic abilities to solve network/system/server/client technical problems associated with maintaining security boundary equipment across a complex network and adapting to support operations. Additionally, requires strong written and verbal communication skills and work both autonomously and within a team environment.

• DoD Certification and Training Requirements:
  • IAM-II Baseline Certification in accordance with current DoDD 8140 (8570.1): CASP+, CISSP, CAP, CISM, CCISO required.
  • Position complies with all DoD, DoA, and company training requirements IAW Government policy, DoDD 8140 IA Workforce Improvement Program, Army Regulations, and company and site policies.

• Security Clearance: Secret Clearance required to start, must able to obtain and maintain TS/SCI
• Location: On-Site; Normal work schedule is 0730-1630, may require night, swing, or weekend work shifts depending on specific training event requirements.
• Travel: May require occasional travel (less than 10%).

GDIT IS YOUR PLACE:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and company-paid holidays

#GDITArmy