Information Systems Security Officer - Journeyman

Position: Information Systems Security Officer - Journeyman (Information Systems Security Officer - Journeyman)

Location: Ft. Washington CDM Facility or CDM Waples Mill Facility Fairfax, VA (Onsite)

Clearance: TS/SCI Eligible (must have active TS/SCI)

Education: BA/BS (or AA/AS plus an additional 4 years of related work experience)

Outcomes:

The successful candidate is expected to accomplish the following outcomes in the first year on the

position:

• Formally track all tasks, to include: assigned by, suspense, status, and comments on all assigned tasks through completion and be prepared to brief upon request.

• Develop digital continuity folders and files that include standard operating procedures, workflows and POC lists to accomplish all tasks.

• Create 2-3 products beyond the client's requirements that positively impact the client to either increase efficiency, effectiveness, or innovation.

• Master position tasks within 60 days and exceed requirements within 90 days.

Responsibilities:

The Information Systems Security Officer (ISSO) Journeyman provides onsite ISSO support to the Information Security Managers (ISSMs) of CDMM where the Mission Architecture Innovation Directorate (CDMM) Systems are located. The Mission Architecture Innovation Directorate provides design, configuration, accreditation and implementation of mission and R&D information management systems and cloud-based solutions that support defense and intelligence priorities as well as internal business processes and mission functions, network communications, database management, security accreditation, and workflow management.

The ISSO Journeyman supports CDMM ISSMs and ISSEs with coordination of cybersecurity - related processes and activities for CDMM Information Systems and related interfaces. Per PWS section 1.3.9.1, Information System Security Officer (ISSO), and section 2.25.7.3 IT Systems Engineer, the specific tasks include but are not limited to:

ISSO responsibilities (PWS 1.3.9.1):

• Assist with the Risk Management Framework (RMF), system authorization, Cyber Incident Handling, System Life Cycle Management, Engineering Change and Configuration management, Vulnerability Management, Malware Protection, Security Assessment/Evaluations/Reviews, Continuous Monitoring, DoD Information Network (DODIN) Connection Approval, and Cybersecurity Service Provider (CSSP) processes.

• Work with the CDMM to assist with iterative innovation proposals and projects to be implemented quarterly. Such proposals and projects may be implementing best practices, innovative technology, and/or process improvements that would support the overarching objective of managing CDMM daily operations more efficiently across the department.

• Support initiatives to provide increased mission capability, enhancing customer experience, and improving coordination across the enterprise.

• Assist with cost/benefit analysis in support of proposals for Government review for any recommended efforts that require resources external to the organization.

• Support documentation of cybersecurity assessments, security impact analysis, and system authorization of CDMM Information Systems.

• Submit and organize documentation of such artifacts in the appropriate repository per CDMM guidance.

Qualifications:

The candidate must have the following qualifications:

• Minimum of five (5) years of work-related experience, to include supporting cybersecurity related processes and initiating and evaluating system security.

• Of those 5 years, a minimum of four (4) years of related work experience supporting a DoD Component.

• Experience supporting technical security of military systems with at least two of which include: experience in coalition operations, multi-level security solutions, or bilateral military information sharing.

• Experience in some of the following processes and familiarity with all: Risk Management Framework(RMF), Systems Authorization, Cyber Incident Handling, System Life Cycle Management processes (e.g. Engineering Change and Configuration Management), Vulnerability Management, Malware Protection, and Security Assessments.

• Familiar with the Interface with NIPRNET, SIPRNET, JWICS, Defense Messaging System, and other networks (to include SAP networks).

• Experienced in complying with DoD established Directive 8140.

• Good MS Office Software (Outlook, Word, Excel and PowerPoint) skills.

• Good organization, writing and presentation skills..

• Must be analytical, possess good communication and presentation skills and the ability to work independently in an ambiguous environment and as a member of a team.

ISSO:

• Certification: IAM Level III certification (i.e. CAP, CASP CE, CISM, CISSP, GSLC, or CCISO) mandatory, shall comply with DoD established directive 8140.

IT Systems Engineer (PWS 2.25.7.3):

• Certification: One of the following: CISSP, CISM, or CASP - mandatory.

The following qualifications are desired:

• Experience with Evaluations/Reviews, Continuous Monitoring, DODIN Connection Approval Process, and Cybersecurity Service Provider (CSSP)\

• Experience as a staff officer (e.g. DoD staff, Service Staff, CCMD staff, Joint Staff, or equivalent) and may be included in the years of work-related experience.

Travel: Occasional local travel required.

Other Requirements: