Information Systems Security Officer CTJ - Poly


Company: Microsoft

Location: Arlington, VA 22204

Description:

The security of our nation and preservation of our nation's interest are critical to the safety and prosperity of the United States. Microsoft Corporation is proud to have the opportunity to serve as a trusted company of high-risk systems and is seeking a qualified candidate to join our National Security organization as an Information Systems Security Officer (ISSO) in the VA area.

We are seeking a highly skilled and dedicated Information Systems Security Officer (ISSO) to support our Special Access Program (SAP). This role requires a motivated and experienced cybersecurity professional to manage the security posture of SAP systems, perform end-to-end security analysis, ensure compliance with government regulations, and protect the confidentiality, integrity, and availability of critical information assets. The ISSO will be instrumental in implementing and maintaining security protocols, policies, and controls in compliance with the Joint Special Access Program Implementation Guide (JSIG), NIST standards, and other applicable government requirements.

If you have experience implementing NIST RMF requirements for National Security Systems, this is an exciting opportunity and you are encouraged to apply today.

Responsibilities:

Program control processes or content for assessment artifacts in scope will include:
  • Security Compliance & Policy Management: Implement and enforce security policies and procedures in alignment with the SAP security requirements, including adherence to JSIG, ICD 503, RMF, NIST SP 800-53, and other relevant guidelines.
  • System Security Planning & Assessment: Develop, maintain, and enforce System Security Plans (SSPs) and Security Control Traceability Matrices (SCTMs) for assigned SAP systems. Lead the assessment and authorization process, ensuring systems maintain an Authority to Operate (ATO).
  • Risk Management: Identify, analyze, and mitigate risks across SAP information systems. Perform continuous monitoring and risk assessments, providing recommendations to senior leadership on effective risk management strategies.
  • Configuration Management: Assist with the implementation and management of configuration controls on SAP systems, ensuring that all changes follow secure baseline configurations and comply with the Configuration Management Plan.
  • Documentation & Reporting: Assist with and maintain accurate and detailed documentation of security activities, incident reports, risk assessments, and audit results. Provide periodic status reports to program leadership and government stakeholders.
  • Continuous Monitoring: Develop and implement continuous monitoring strategies to assess SAP systems' security postures actively. Conduct periodic system reviews, audits, and vulnerability scans to ensure ongoing compliance.
  • Represent Microsoft in engagements with external entities and the U.S. Government.
  • Required to travel a maximum of 25% to maintain system accreditation.
Other
  • Embody our culture and values


Qualifications:

Required/Minimum Qualifications
  • 4+ years of experience in Security Program or Program Management or a related field.
  • 4 years of experience with Bachelor's degree in cybersecurity or relevant field
  • 1 year of experience in the DoD or intelligence community
  • Current IAM DoD Level 1 Security certification (CAP, GSLC, or Security+ CE)
Other Requirements

The successful candidate must have an active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph. Ability to meet Microsoft, customer and/or government security screening requirements is required for this role. Failure to maintain or obtain the appropriate U.S. Government clearance and/or customer screening requirements may result in employment action up to and including termination.

Clearance Verification:

This position requires successful verification of the stated security clearance to meet federal government customer requirements. You will be asked to provide clearance verification information prior to an offer of employment.

Cloud Screening:

Candidates must be able to successfully complete and pass a Microsoft Cloud background screening. This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.

Citizenship & Citizenship Verification: This position requires verification of U.S. citizenship due to citizenship-based legal restrictions. Specifically, this position supports United States federal, state, and/or local United States government agency customers and is subject to certain citizenship-based restrictions where required or permitted by applicable law. To meet this legal requirement, citizenship will be verified via a valid passport, or other approved documents, or verified U.S. government clearance.

Preferred Qualifications:
  • 2 years of information assurance experience, including evaluating, testing, certifying and accrediting of classified and sensitive but unclassified information systems as well as Commercial Off The Shelf (COTS) and Government Off The Shelf (GOTS) products.
  • 2 years of network and/or system administration.
  • Experience with analysis and evaluation of both hardware and software in support of Intelligence Community (IC), Department of Defense, and other Federal Government Agencies.
  • Experience applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resultant security risk analysis.
  • Experience or knowledge of construction for a secure area, ICD 705
  • Experience with Special Access Programs (SAP)
  • Experience managing keying devices, lifecycle planning.
Security IC4 - The typical base pay range for this role across the U.S. is USD $94,600 - $183,800 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $122,000 - $200,500 per year.

Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here: https://careers.microsoft.com/us/en/us-corporate-pay

Microsoft will accept applications for the role until December 13, 2024

Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.

Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.
