Information System Security Officer (ISSO)

• Must possess an active Top Secret/SCI clearance with an active polygraph. Both the clearance and polygraph need to be fully adjudicated. Interim clearances will not be accepted.
• U.S. Citizenship required in order to comply with government contract.

Best Value Technology, Inc. (BVTI) is a service-disabled veteran-owned small business (SDVOSB) looking for an Information System Security Officer (ISSO) to join our team supporting federal customers in the Intelligence Community on a long-term, high-profile contract. The ISSO will interpret and institute all procedures and policies required to ensure the safeguarding of classified and sensitive information in the assigned networks and will serve as the point of contact regarding all computer security-related issues. The ISSO will provide information system security support for Directorate of Acquisition Management to address SSP process, training and awareness to customers, physical security, auditing and continuous monitoring, incident and violations reporting and response, risk management, accreditation.

DUTIES AND RESPONSIBILITIES

• Work alongside Systems Administrators to ensure that all information systems are operated, maintained and disposed of in accordance with established security policies and practices.
• Coordinate with physical security personnel to ensure the physical protection of IS assets.
• Perform continuous monitoring of systems to ensure the system stays in an accredited state by performing software patching and updates.
• Conduct security audits of systems and initiate corrective actions if a security problem is discovered.
• Inform Systems Administrators when protective or corrective measures are needed to resolve security issues or meet security standards.
• Conduct risk assessments and provide recommendations to ensure and maintain accreditation.
• Evaluate proposed changes or additions to the information systems and advise the team of the security relevance.
• Maintain documentation of the system administrator’s PKI and PRIVAC status.
• Ensure the IS remains in compliance for vulnerabilities, and any other security-related notices.
• Review security-engineering design, seek approval, support implementation, and testing for all aspects of IA, and IS (InfoSec) engineering at all stages of the Systems Development Life Cycle (SDLC) process.
• Assess system security threats/risks throughout the program life cycle and work with Systems Administrators to implement corrective action.
• Review and monitor security designs in hardware, software, data, and procedures.
• Perform systems certification and accreditation planning and testing and liaison activities.
• Prepare and maintain C&A documentation such as SSP, Security CONOPS, ST&E reports, etc.
• Review various documents and files for transfer across systems or before release.
• Communicate with the customer’s security authorities to ensure compliance and negotiate proposed system or policy changes.
• Ensure users and systems support personnel have the required security clearance and need-to-know to utilize the system.
• Conduct user security training and awareness activities.

REQUIRED EDUCATION, KNOWLEDGE AND SKILLS

• Bachelor's Degree in a STEM field.
• Minimum of five (5) years of experience in information security or risk management.
• Automated Information System (AIS) security experience with multiple IC SCI Control Systems, DoD Special Access Program (SAP)/Special Access Required (SAR) activities, and SCI Special Handling.
• An active technical certification compliant with DoD 8140.
• CompTIA Security + Certification

PREFERRED EDUCATION AND EXPERIENCE

• The following certifications are preferred:
  • Certified Information Systems Security Professional (CISSP) Certification
  • Certified Information Systems Auditor (CISA) Certification
  • Certified Information Systems Manager (CISM) Certification

Receive tips & info on cleared job search, security clearances and career development.