Softworld Cleared ISSO/ISSM in Cambridge, Massachusetts
Employment Type: Contract
Job Number: 228171
Information System Security Officer (ISSO)
This task is responsible for assisting in the creation of Risk Management Framework (RMF) submission packages for classified information systems that support Strategic Systems. This is a changing environment that demands superior customer service, communication, and organizational skills.
Perform functions of the development, implementation and evaluation of information systems security program for assigned programs in compliance with NIST SP 800 Series / Risk Management Framework (RMF), NISPOM and DAAPM
- Ensure the systems are operational, maintained and disposed of in accordant with security policies and procedures.
- Provides guidance for Computer Security needs based on the National Industrial Security Program Operating Manual, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), and Draper Policy and Procedures Manual.
- Apply cyber security standards, directives, guidance and policies to special programs classified computing environments.
- Verify the implementation of delegated aspects of the IS security program
- Ensure all proper account management documentation is completed
- Perform tasks related to compliance of Continuous Monitoring (ConMon) Plans (e.g., audit log review, security patching, software and hardware configuration management).
Assist with DSS site visits and reviews of IS pending accreditation
- Conduct regularly scheduled internal auditing
- Assist with IS POA&M execution
- Coordinate with all users and stakeholders
- Must have demonstrated ability to follow-up and solve problems.
2-4 years of ISSO/ISSM experience.
- Bachelor's degree in Computer Science, Information Technology, Computer Information Systems, or related field desired. Experience as an ISSM may be substituted for a Bachelor's degree.
- Technical experience and skill securing operating systems such as Linux, Windows Server/client OS, virtualization technologies, and applying encryption standards.
- Ability to work in a team environment as well as independently, demonstrate excellent problem solving abilities, be well organized, flexible, and self-motivated.
- Experience using vulnerability scanning tools such as NESSUS, SCAP, RETINA, SECSCN, WASSP
- Experience conducting security analysis to include security categorizations and risk assessments.
This position will require a SECRET Security Clearance.