Information System Security Officer

at  Systems Planning and Analysis Inc

Overview:
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.
The Classified Systems and Cybersecurity Team under SPA’s Information Technology Department establishes and maintains the classified technology infrastructure and application support services required by our analysts to deliver timely, objective and cost-effective analysis. We design, develop, and deploy hardware- and software based solutions in close coordination with SPA’s client-facing groups while adhering to strict security protocols.
SPA has an immediate need for an Information System Security Officer (ISSO).
Responsibilities:

With minimal supervision, the Information System Security Officer (ISSO) maintains day-to-day security posture and continuous monitoring of classified information systems. This role is specifically designed to fast-track a dedicated ISSO to an ISSM role by providing the first-hand experience required to manage DoD accredited classified information systems throughout the full Risk Management Framework (RMF) lifecycle.

• Conducts reviews and technical inspections to identify and mitigate potential security weaknesses and ensures that all security features applied to a system are implemented and functional.
• Report to the Information System Security Manager (ISSM) while preparing and maintaining security Assessment and Authorization (A&A) documentation, performing audits, participating in incident response activities, and tracking implementation guidance from multiple sources such as Cyberspace Tasking Orders (CTO).
• Interface with client and/or Government personnel and maintaining a thorough understanding of NIST 800-53 controls.
• Collaborate with team members to support Defense Counterintelligence and Security Agency (DCSA) Technical Reviews and Cyber Operational Readiness Assessments (CORA).

Qualifications:

REQUIRED QUALIFICATIONS:

• Active DoD TOP SECRET security clearance
• Bachelor’s degree in an Information Technology related field or equivalent work experience and certifications
• 3 years’ experience in information system security with 1 or more year’s direct experience supporting classified information systems
• Must meet Department of Defense 8140 certification requirements at IAM Level I or higher; acceptable certifications include CAP, GSLC, Security+ CE
• Experience with the Enterprise Mission Assurance Support Service (eMASS)
• Ability to exercise independent judgment and to work autonomously with minimal supervision

DESIRED QUALIFICATIONS:

• Experience validating system compliance using the Security Content Automation Protocol (SCAP) Validation Tool
• Experience performing Vulnerability Management activities using tools such as ACAS or Tanium
• Experience configuring systems for compliance using Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and STIG Viewer

• Conducts reviews and technical inspections to identify and mitigate potential security weaknesses and ensures that all security features applied to a system are implemented and functional.
• Report to the Information System Security Manager (ISSM) while preparing and maintaining security Assessment and Authorization (A&A) documentation, performing audits, participating in incident response activities, and tracking implementation guidance from multiple sources such as Cyberspace Tasking Orders (CTO).
• Interface with client and/or Government personnel and maintaining a thorough understanding of NIST 800-53 controls.
• Collaborate with team members to support Defense Counterintelligence and Security Agency (DCSA) Technical Reviews and Cyber Operational Readiness Assessments (CORA)