View Our Website View All Jobs

Information Systems Security Officer (USSS)

Information Systems Security Officer

TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology (IT) and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology’s FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development. 

  
Job Description:

The Information Systems Security Officer (ISSO) will provide support extending to all aspects of IT services including: applications; desktop and laptop computers; Wide Area Network (WAN)/Local Area Network (LAN) connectivity (secure and non-secure); audio-visual and video-teleconferencing; telecommunications (secure and non-secure); software and hardware acquisition and installation. The ISSO will be responsible for providing risk and vulnerability assessments, reports, and develop documentation as required per customer.  The ISSO will be expected to develop and maintain Security Authorization packages in accordance with DHS, NIST and ICD 503/CNSS standards and guidelines.

Responsibilities:

  • Ensure that the Automated Information System (AIS) are operated, used, maintained, and disposed of in accordance with internal security policies and practices
  • Ensure that the AIS are accredited based upon NIST guidance and accredited the AIS utilizing the NIST RMF process or ICD 503 templates if NSS/classified information system
  • Enforce security policies and safeguards on all personnel having access to the AIS for which the ISSO has responsibility.
  • Ensure users and system support personnel have the required security clearances, authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the AIS is granted.
  • Ensure audit trails are reviewed periodically in accordance with departmental policy and the Security Authorization documentation (e.g., weekly or daily).
  • Ensure that audit records are archived for future reference and audit artifacts are generated as needed.
  • Initiate protective or corrective measures if a security problem is discovered.
  • Report security incidents in accordance with DHS Management Directive 4300 to the Authorizing Official (AO) and System Owner (SO) when an AIS is compromised or a suspected compromise has occurred.
  • Report AIS security status as required by DHS Management Directive 4300 and the AO.
  • Determine when time-sensitive system patches identified by the DHS Security Operations Center must be quickly implemented to protect systems.
  • Evaluate known vulnerabilities to ascertain if additional safeguards are needed.
  • Maintain a plan for site security improvements and progress towards meeting the Accreditation/reaccreditation of their respective AIS.
  • Perform all ISSO duties as directed by DHS Component policy and DHS Management Directive 4300(A/B/C).
  • Perform duties as the security specialist for secure rooms/SCIFs which have the possibility to process information up to the TS/SCI level (where applicable).

Requirements:

  • A minimum of three (3) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field.
  • Demonstrates a proficiency with developing, maintaining and managing Security Authorizations and Assessments packages.
  • Experience with developing and managing Plans of Action & Milestones (POA&Ms)
  • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities.
  • Technical experience with reviewing vulnerability scans and providing mitigation techniques.
  • Possess expertise in conducting annual assessments.
  • Experienced writing security related policies and procedures
  • Possess experience conducting Contingency Plan test
  • Experience with conducting audit log reviews.
  • Experience with NIST Special Publications and guidance.
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment.
  • Excellent communication (written and verbal) skills

Education:

  • Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields.
  • Certifications:
  • A minimum of at least one (1) certification must be active relating to information security such as:
  • Certified Information Systems Security Professional (CISSP)
  • GIAC security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.)
  • CompTIA Security +

Clearance

  • Active Top Secret Clearance

 
Equal Opportunity Statement 
TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150
To comply with government Equal Employment Opportunity / Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Gender
Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status
I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 1/31/2020
Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities.i To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability. Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way.

If you already work for us, your answer will not be used against you in any way. Because a person may become disabled at any time, we are required to ask all of our employees to update their information every five years. You may voluntarily self-identify as having a disability on this form without fear of any punishment because you did not identify as having a disability earlier.

How do I know if I have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Blindness
  • Deafness
  • Cancer
  • Diabetes
  • Epilepsy
  • Autism
  • Cerebral palsy
  • HIV/AIDS
  • Schizophrenia
  • Muscular dystrophy
  • Bipolar disorder
  • Major depression
  • Multiple sclerosis (MS)
  • Missing limbs or partially missing limbs
  • Post-traumatic stress disorder (PTSD)
  • Obsessive compulsive disorder
  • Impairments requiring the use of a wheelchair
  • Intellectual disability (previously called mental retardation)
Please check one of the boxes below:

You must enter your name and date
Your Name Today's Date
Reasonable Accommodation Notice

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.


iSection 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.


PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.