Position: ISSS
Clearance: TS/SCI
Location: Charleston, SC
Contract: Cybersecurity Service Provider (CSSP)
Our great client is seeking an Information System Security Specialist (ISSS) to join our NIWIC team at Charleston, SC. The ISSS primary function is to support the NIWC’s Cybersecurity program.
Essential functions
· The Information System Security Specialist is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process.
· The specialist should demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the Defense Information Assurance & Certification Accreditation Process (DIACAP).
· Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements.
· The specialist is expected to evaluate security solutions to ensure they meet security requirements for processing up to classified information and supervise and/or maintain the operational security posture for an information system or program.
· More senior specialists may assist or develop system security policy and ensure compliance of change management and configuration control processes. Plan and coordinate the IT security program and policies supporting the command leadership mission and goals.
Education:
· Bachelor’s degree in a technical or managerial related discipline or High School Diploma or GED. Individual shall meet the latest Cybersecurity workforce certification/training in accordance with DoD 8570.1M and subsequent DoD 8140 manual, as applicable.
Experience:
· Five (5) years with Bachelor’s degree or seven (7) years with HS/GED of practical experience demonstrating competency in Cybersecurity, Engineering, Test & Evaluation (T&E) or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A) related field.
· Individual shall demonstrate a working knowledge of the Risk Management Framework (RMF) process and/or include prior experience with the Defense Information Assurance & Certification Accreditation Process (DIACAP).
· Individual shall have experience working with Information Assurance tools such as DISA Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS) and may be required to hold an Interim Security Control Assessor qualification.
· Individual shall be familiar with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements.
· The specialist shall be capable of evaluating security solutions to ensure they meet security requirements for processing up to classified information, and supervise and/or maintain the operational security posture for an information system or program.
· Individual shall have experience assisting or developing system security policy and ensuring compliance of change management and configuration control processes.
· Five (5) years of experience supporting network and system security support, Cyber Security Service Providers or Cyber Red Teams or equivalents within the DoD or Federal government, to include three (3) of the following six (6) areas: Vulnerability Analysis, Network Security Monitoring, Incident Response/Forensics, Penetration Test/Red Teaming.
· Possesses certification in order to meet compliance with 8570 categories of CND Auditor, CND Analyst, CNDSP Manager, CND Incident Responder, CND Infrastructure Support, IASAE I or IASAE II.
· Technical training in Cyber Security, Information Assurance, or Information Technology. Individual shall have Information Assurance Technical (IAT) III certification.
