Cybersecurity Analyst/Information System Security Officer (ISSO)

Location: Crystal City, VA
Date Posted: 06-05-2017

Cybersecurity Analyst/Information System Security Officer (ISSO)

Job Title: Cybersecurity Analyst/Information System Security Officer (ISSO)
Job Category: Systems Services
Job Type: Regular
Primary Location: USA-VA: VIRGINIA-ARLINGTON
Schedule: Full-time
Remote Work Authorized: No
Relocation Assistance: Not Available
Travel: Yes, 10 % of the Time
Clearance Level: MBI
Employee Status: Regular
 
Description
 
Our client provides technical support services to the Office of Acquisition (OA) of the U.S. Customs and Border Protection (CBP), the nation’s largest law enforcement agency. Their experienced personnel enhance CBP’s proficiencies in Systems Engineering, Logistics & Sustainment, and Capabilities and Requirements Development to provide CBP’s agents along our borders with the most capable systems which can affordably be procured. The team provides engineering and analytical expertise across a wide range of disciplines, meeting all DHS Systems Engineering Life Cycle mandated planning analysis and documentation; provide a full spectrum of Integrated Logistics Support; development of Operational Requirements; and conduct Operational Test & Evaluation activities. They help CBP procure the equipment and technology needed to keep the border safe and secure.

Currently, they are seeking a cybersecurity analyst/Information System Security Officer (ISSO) in Crystal City, VA. The selected candidate must currently hold or be able to obtain a CBP Background Investigation Suitability clearance, per contract requirements.

So what is required of a cybersecurity analyst/ISSO on a day to day basis?
There are quite a myriad of tasks and responsibilities, such as:
· Implement security requirements based on laws, regulations or Presidential directives in compliance with FISMA and DHS Cyber-security initiatives
· Integrate security design principles across disciplines and SELC process
· Review proposed new systems, networks, software for potential security risks
·Review security related product selection and implementation activities
·Participate and provide security support in Vendors Source Selection process
·Define the scope and level of detail for security plans applicable to the system
· Identify need for changes based on new security technology and evolving threats
· Analyze change requests to the system for security posture impact/updates
· Execute duties described in DHS ISSO and DHS Security Authorization Guide
· Manage and maintain system authorization status or Authority to Operate (ATO)
·Perform Certification and Accreditation (C&A) to existing and new systems
·Responsible for oversight and coordination of C&A activities of each system
· Apply CBP Security Certification and Accreditation Process to assigned systems
·Generate Security Artifacts templates for C&A artifacts requirement
·Review and recommend approval on systems FIPS 199 and E-Authentication
·Prepare and provide DHS formatted System Security Plan
·Prepare System Owner and Information System Security Officer letters
·Coordinate Security Test and Evaluation events between involved stakeholders
·Participate Security Test and Evaluation process and Review ST&E report
·Perform Vulnerability Assessment review and generate reports for System Owner and stakeholders

Is this job the next step in your career? Are you ready to help keep America’s border safe?
 
 

Qualifications
To qualify, you must meet these basic qualifications:
· Bachelor degree and at least 3 years of progressive technical (hands-on) experience related to Information Assurance, Cyber Security, Systems Engineering requirements, assessments, development, and implementation
·Industry knowledge and experience with information security toolsets including anti-virus, assessment, scanning tools
· Knowledgeable of NIST Special Publications related to the computer security community.
· Knowledgeable with DHS IACS compliance tools, controls and processes
· Experience conducting cybersecurity audits to ensure appropriate implementation and security compliance
· Performing and providing vulnerability assessment results and recommendations
·Assessing known systems vulnerabilities and verifying system hardening and patching activities to ensure compliance with applicable Security Requirements and related checklists
· Working knowledge of cyber security toolsets
· Experience with network and system security administration, including operating system security configuration and account management best practices for Operating Systems
· Understanding of Systems Engineering requirements, specifications, and demonstrated experience implementing DoD and/or Federal IA Certification and Accreditation Processes, assessing and validating compliance with IA controls and developing and maintaining associated certification and accreditation documentation
· Have detailed knowledge of the latest versions of NIST Special Publications (SP) 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, 800-60, etc.
·Have experience with identification, documentation, and testing of security controls for information technology systems in accordance with the above NIST guidance.
· Have experience with identification of security risks (threat/likelihood/impact) to the system, networks, and organization and documenting risks for management review.
· Have experience with technical vulnerability scanning and secure configuration assessments, and documenting analysis of results.
· Ability to interface with customers of various levels, to include but not be limited to Authorizing Officials, Information System Owners, Independent Security Assessment Team and Technical system personnel.
· Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various operating systems (e.g. Windows, Unix, Linux, and Mac).
· Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of various applications (e.g. Oracle, SQL Server, Apache, IIS).
·Have experience with analyzing vulnerabilities and providing guidance on secure IT implementation of network devices (e.g. switches, routers, firewalls).
·Have experience with analyzing vulnerabilities and providing guidance on secure architecture design of various applications (e.g. internal-only, publicly available).
·Have experience serving as an ISSO with a federal government system, a DHS system is a plus
· Ability to interface with other systems’ ISSOs and provide support on multiple systems and security related issues

Other qualifications include:
·Excellent verbal/written communication skills
·Excellent interpersonal skills
· Able to work in a team environment
· Understand Systems Engineering best practices
·Understand the Systems Engineering “V” complete lifecycle
or
this job portal is powered by CATS