Information System Security Officer (ISSO)- Arlington, VA - TS/S

Information System Security Officer (ISSO) needed for a direct-hire opportunity with SOC's client to work in Arlington, VA.

Must have Active TS/SCI Clearance

The selected candidate will play a crucial role in safeguarding critical information systems by implementing strong security protocols. This includes creating and enforcing cybersecurity policies, performing security assessments, and staying informed about evolving cybersecurity threats.
Key Responsibilities:

• Ensure compliance with access controls outlined in the Joint Special Access Program Implementation Guide (JSIG).
• Develop and enforce media control procedures, ensuring continuous compliance monitoring.
• Manage access control policies, granting privileges strictly based on the need-to-know principle.
• Investigate potential cybersecurity threats following departmental guidelines and risk management frameworks.
• Maintain and apply confidentiality measures and security protocols.
• Oversee the authentication processes, including generation and validation of credentials.
• Conduct media sanitization through approved procedures such as data clearing, purging, and destruction.
• Secure Controlled Unclassified Information (CUI), Special Access Programs (SAP), Sensitive Compartmented Information (SCI), and Personally Identifiable Information (PII).
• Maintain detailed security documentation and compliance records, including the Body of Evidence (BOE).
• Track, document, and manage system vulnerabilities through Plans of Action and Milestones (POA&M).
• Handle system configurations and documentation within the Enterprise Mission Assurance Support Services (eMASS) framework.
• Monitor compliance with DoD Security Technical Implementation Guides (STIG).
• Implement and manage security monitoring tools such as Splunk, Oracle Cloud Control, and ACAS for continuous assessment.
• Conduct code reviews for security assurance in database and application development.
• Analyze security events and testing outcomes, ensuring proper mitigation strategies.
• Coordinate with teams to integrate security processes into project and configuration management workflows.
• Prepare reports summarizing security compliance and performance test results.
• Develop and enforce security standards and best practices.
• Oversee the implementation and evaluation of cybersecurity programs.
• Assess and recommend information security solutions to meet organizational needs.
• Identify and mitigate security incidents.
• Conduct vulnerability and risk assessments throughout system development and operational phases.

Required Qualifications:

• Qualifications
  
  
• Active TS/SCI clearance with the ability to obtain CI Poly.
• A Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems Management, Engineering) is required for this position.
• 4 years of relevant work experience may be considered in lieu of the degree requirement.
• 7+ years of general experience in cybersecurity or a related field.
• 4+ years of experience displaying strong knowledge of operating systems (e.g., Windows, Linux).
• 4+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
• Strong knowledge of cybersecurity principles, tools, and techniques.
• Demonstrated experience with the Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications.
• Experience with the Federal Risk and Authorization Management Program (FedRAMP).
• Security+ or equivalent (DoD 8570) if no current IAM Level II certification (below).
• Quick learner and team player.
• IAM level II certification (CASP+, GSLC, CISM, CISSP, CCISO), or ability to obtain certification within six months of hiring.
• Experience as a Cyber or Security Analyst or Security Control Assessor (SCA) for federal information systems.
• Experience with the Special Access Programs (SAPs) and Intelligence Community (IC).
• Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG).
• The ability to adapt in fast paced environments, comfort with ambiguity.
• Familiarity with cloud technologies, security practices, and agile methodologies.
• Strong self-organization and self-management skills with emphasis on self-initiation and follow through.
• Proven written and oral communication skills.
• Experience in reviewing proposed change requests related to system design/configuration and performing security impact analysis.
• The ability to work independently.

Employment Pre-requisites
The following requirements must be met to be eligible for this position: successful completion of a background investigation, and d rug urinalysis.

SOC, a Day & Zimmermann company, is an Equal Opportunity Employer, EOE AA M/F/Vet/Disability.

#INDSOC

Estimated Min Rate: $114800.00
Estimated Max Rate: $164000.00