Position: Information Systems Security Officer SME (Information Systems Security Officer – SME)
Location: Fairfax, VA (situational telework eligible)
Clearance: TS/SCI Eligible / SAP Eligible
Education: MA/MS (or BA/BS plus an additional 4 years of related work experience)
Outcomes:
The successful candidate is expected to accomplish the following outcomes in the first year on the position:
- Formally track all tasks, including: assigned by, suspense, status, and comments on all assigned tasks through completion; be prepared to brief upon request.
- Develop digital continuity folders and files that include standard operating procedures, workflows, and POC lists to accomplish all tasks.
- Create 2-3 products beyond the client’s requirements that positively impact the client to either increase efficiency, effectiveness, or innovation.
- Master position tasks within 60 days and exceed requirements within 90 days.
Responsibilities:
The ISSO SME provides onsite ISSO expert support to the ISSMs supporting the Mission Architecture Innovation Directorate (CDMM). This directorate designs, configures, accredits, and implements mission and R&D information management systems, cloud solutions, network communications, database management, security accreditation, and workflow management.
Specific tasks include but are not limited to:
- Manage the Risk Management Framework (RMF) process.
- Work the system authorization process.
- Provide Cyber Incident Handling.
- Provide Life Cycle Management (e.g., Engineering Change and Configuration Management).
- Lead and advise on Vulnerability Management, Malware Protection, and Security Assessments, Evaluations, and Reviews.
- Provide continuous monitoring.
- Work the Department of Defense Information Network (DODIN) Connection Approval Process.
- Lead coordination with the Cybersecurity Service Provider (CSSP).
- Collaborate with CDMM ISSM and internal divisions to manage innovation proposals and projects quarterly, supporting efficiency and innovation.
- Pursue increased mission capability, enhance customer experience, and improve enterprise coordination.
- Provide cost/benefit analysis for proposals requiring external resources.
- Conduct and document cybersecurity assessments, security impact analysis, and system authorization of CDMM Information Systems.
- Organize documentation of artifacts in the appropriate repository per CDMM guidance.
Qualifications:
The candidate must have:
- Minimum of 15 years of work-related experience supporting cybersecurity processes and system security evaluation.
- At least 10 years supporting a DoD Component.
- Minimum 3 years as a staff officer (e.g., DoD, Service, CCMD, Joint).
- Experience supporting technical security of military systems, including coalition operations, multi-level security solutions, or bilateral military sharing.
- Experience with at least two of the following: RMF, Systems Authorization, Cyber Incident Handling, System Life Cycle Management, Vulnerability Management, Malware Protection, Security Assessments.
- Familiar with NIPRNET, SIPRNET, JWICS, Defense Messaging System, and SAP networks.
- Knowledge of DoD Directive 8140 compliance.
- Excellent MS Office skills.
- Strong organizational, writing, and presentation skills.
- Analytical with excellent communication skills, able to work independently and in teams.
- Personnel must be IAT Level II certified per DoD 8570.01-M.
- IAM Level III certification (CAP, CASP+CE, CISM, CISSP, GSLC, or CCISO) mandatory; CEH desirable.
Desired qualifications include experience with evaluations/reviews, continuous monitoring, DODIN connection approval, and CSSP.
Travel: Occasional local travel required.
Other Requirements: