Information Systems Security Officer (ISSO), Joint Base Andrews, MD

  • Responsibilities:
    • Responsible for ensuring appropriate operational security posture is maintained. 
    • Implement and enforce all Air Force cybersecurity policies, procedures, and countermeasures. 
    • Maintain all authorized user access control documentation IAW applicable AF Records Information Management System (AFRIMS). 
    • Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRGs)). 
    • Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. 
    • Coordinate changes or modifications with the Information System Security Manager (ISSM) and/or the Security Control Assessor (SCA). 
    • Initiate exceptions, deviations, or waivers to cybersecurity requirements. 
    • Assist the ISSM in meeting duties and responsibilities. 
    • Implement and enforce all DoD cybersecurity policies and procedures, as defined by cybersecurity-related documentation. 
    • Ensure all users have requisite security clearances and access authorization. 
    • Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities. 
    • Ensure all DoD cybersecurity-related documentation is current and accessible to properly authorized individuals. 
    • Implement the Risk Management Framework (RMF) across multiple programs in accordance with National Institute of Standards and Technology (NIST) and Air Force policy and directives. 
    • Develop artifacts and supporting evidence to satisfy all applicable RMF Controls and corresponding Control Correlation Identifiers (CCI’s). 
    • Develop and/or update the Plan of Action and Milestones (POA&M) to document all known vulnerabilities to correct or mitigate risks. 
    • Manage system authorization packages and ATO’s using Enterprise Mission Assurance Support Service (eMASS). 
  • Required Qualifications:
    • A current DoD 8570 IAM Level II certification (CAP, CASP CE, CISM, CISSP, GSLC) is required. 
    • Active, in-scope US Government issued Top Secret clearance the ability to obtain SCI eligibility  
    • Due to the nature of the work and contract requirements, US Citizenship is required. 
  • Required Security Clearance:  TS/SCI
  • Desired Qualifications 
    • IAM Level III Certification (CISM, CISSP, GSLC). 
    • Five years direct experience in the last seven years. 
    • Functional knowledge of DoD and Air Force cyber policies and directives. 
    • Knowledge of US Government security regulations and methodologies, FISMA, FedRAMP, and NIST special publications. 
    • Experience creating DOD RMF packages and associated work products and managing them through the program lifecycle. 
    • Familiar with eMASS and associated workflows. 
    • Familiarity with coalition and multi-national information sharing systems, policies, and environments. 
    • Experience with the Cross Domain Solution (CDS) authorization process 
  • Education 
    • Bachelor’s Degree in a related discipline (e.g. Computer Science, Computer Information Systems, Math, Engineering). 
    • With at least fifteen (15) years of general experience of which ten (10) years is directly related experience, a degree is not required 

We collaborate closely with clients to support the warfighter.

Industry News & Updates

© 2020 LightGrid LLC.