Information Systems Security Officer (ISSO)

Job Type:

Information Systems Security Officer (ISSO) 

The Information Systems Security Officer (ISSO) is responsible for providing compliance and oversight of all of RAND Corporation’s Authorization and Accreditation (A&A) requirements, maintaining policies and procedures in accordance with the Defense Intelligence Agency (DIA), Defense Counterintelligence Security Agency (DCSA), Intelligence Community (IC), and other Department of Defense (DoD) regulations as applicable.  Additionally, the position manages the Sensitive Compartmentalized Information (SCI) and Special Access Program (SAP) Information Systems (IS) to ensure that all classified IS remain accredited, executes required functions as defined by the IC, DoD and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) in support of the local Information Systems Security Manager (ISSM), Corporate ISSM, Manager, Security Operations, and Executive Director, Security & Classified Operations and Chief Security Officer, and provides services for individuals within the accredited systems.

Duties

• Implements, monitors and maintains RAND’s Security Manual and procedures for DoD, IC and SAP programs and other applicable government sponsor regulations
• Enforces corporate policies to support ICD’s, DAAPM, JSIG and other CI standards.
• Enforces compliance with current Security Technical Implementation Guides (STIGs) for all applicable systems
• Interfaces with and supports clients in the operation and security of the classified systems
• Assists the ISSM in establishing, communicating, and improving the collateral and SCI/SAP      Information Systems (IS) Security Program
• Responsible for the preparation and sustainment for internal self-inspections.
• Assesses changes by performing periodic self-inspections, tests and reviews of the classified IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed
• Participates in the planning, installation, implementation, upgrade, problem determination and resolution involving software programs, operating systems, computers, printers, scanners, etc. for collateral and SCI/SAP systems.  Provides budget requirements to the ISSM for the sustainment of the collateral SCI/SAP systems 
• Ensures protocols are followed for the investigation(s) and resolution of security incidents
• Collaborates with the system and network administrators to ensure audit features are configured and enabled correctly
• Performs weekly audits and ensures administrative inquiries/investigations into anomalies found during audit trail analysis are reported to the ISSM for follow on actions
• Develops and implements the System Security Plans (SSP) and addendums for the facility
• Performs other duties as assigned

Education

High school diploma or GED required.  BS/BA degree preferred. 

Experience

At least five years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security leading other security professionals required.  At least six years’ experience in Information Technology (IT) in a classified environment or as an ISSM/ISSO in government/industrial security leading other security professionals preferred.

Basic Qualifications

• Must have and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM level 1 certification (e.g. Security+, GSLC, CISM, or CISSP)
• Experience working with federal/government agencies or defense contractors required
• Experience interfacing with DIA or other government representatives as the ISSM/ISSO
• Possesses working knowledge of the DoD, DISA, ICDs and associated IC security regulations, policies, STIGs and laws
• Possesses extensive working knowledge of multiple federal government network security processes and procedures
• Education in the fields of computer science or engineering for technical project managers
• Technical background with understanding or hands-on experience in software development and web technologies
• Organizational skills including attention to detail and multi-tasking skills
• Is familiar with encryption technologies, forensics, penetration and vulnerability analysis of various security technologies and information technology security research
• Possesses knowledge of Microsoft office products or similar software packages
• Possesses a strong understanding of operating system (PC, Mac, Linux) and audit log aggregator software
• Able to configure laptops/desktops, install applications, setup network infrastructure and troubleshoot as required
• Possesses excellent oral and written communications skills required for correspondence, reports, briefings, and procedures
• Demonstrates strong customer service skills
• Must be able to lift 30 lbs.
• Must be able to pass a background check

Location

Pittsburgh

Security Clearance

Must meet eligibility requirements for access to U.S. government classified information

Positions Open

One

Salary Range: $85,700 - $127,500

RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity. The salary range includes base pay plus RAND’s sabbatic pay (which provides additional compensation above base pay when vacation is taken). In addition, RAND provides strong benefits including health insurance coverage, life and disability insurance, savings plan, paid time-off and more.

Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet