Information Systems Security Officer (ISSO)

Overview

The Institute for Defense Analyses (IDA) has an immediate career opening for a Information Systems Security Officer (ISSO).  This opening is located at IDA's Center for Communications Research in Princeton, New Jersey (CCRP).  IDA offers a competitive salary, an excellent benefits package and a superior professional working environment.  To the right individual, IDA offers the opportunity to have a major impact on key national programs while working in support of technical issues and projects.

The ISSO is responsible for ensuring the operational security of the classified and unclassified information systems (IS) at IDA Center for Communications Research located in Princeton, NJ (CCRP).  The ISSO maintains System Security Plans (SSP) and related documentation, verifies that systems are operated securely, conducts periodic reviews, reports security incidents, authorizes security-relevant changes and provides security advice for the Center.  Manages security-relevant processes and projects in the IT Department, including the change management process.  Coordinates and manages projects across IT and security groups.

Primary Responsibilities:

1. ISSO for classified and unclassified IS at CCR-P.

2. Maintains on-line SSPs and supporting documentation in accordance with Department of Defense, NIST and sponsoring agency guidelines.

3. Provides direct oversight for acquisition security vetting programs for IS procurements to include; Acquisition Security (ACQSEC), Baseline Exception Request (BER), and Procurement Authorization Request (PAR).

4. Coordinates penetration tests and external evaluations.

5. Participates in and validates monitoring, scanning and other security related activities required by the sponsor or indicated by best practices.

6. Manages IT change management process and tracks IT and IT security projects.

7. Coordinates with sponsor personnel and other IDA units in implementing and overseeing security procedures. Responsible for coordinating IT security purchase requests, presenting to the Director of Computing for decision, and providing manager’s approval for final selections.

8. Advises the Information Technology group on required security configurations and assists with the development of technical security enhancements.

9. Implements information systems security training and awareness programs for users.

10. Monitors site compliance with information systems security requirements and programs developed by the sponsoring agency and IDA corporate IT policy.

11. Keeps management aware of system security issues.

12. Stays aware of relevant security policy and technology, and recommends appropriate policies and system changes.

13. Performs other duties as assigned.

Minimum Requirements/Qualifications:

• Bachelor's Degree in an information technology area, or demonstrated equivalent experience (i.e., at least 5 years of specifically related background, in addition to the experience requirements below).

• Three or more years’ experience as an ISSO or similar role is preferred, including experience with formal system certification and accreditation.

• Possess or complete within 6 months DoD 8570.1-M certification at the IAM-3 level. Training or familiarity with RMF and controls as in NIST 800-53.

• Familiarity with Linux and Microsoft Windows Server operating systems, and TCP/IP networking.

• Familiarity with vulnerability scanning and assessment tools.

• Exceptional communications skills, both orally and in writing, and good interpersonal skills.

• U.S. citizenship with the ability to obtain and maintain a Top Secret and other security clearances.

#ITatIDA

We support transparency, equity, and fairness in our compensation program and provide a reasonable estimate of the salary range based on data-driven market analysis for each position. While it is not typical for an individual to be hired at or near the top of the range, a reasonable estimate of the salary range for this role is $85,000-$136,000.  Individual salary within this range will be commensurate with the incumbent’s experience, unique skills and qualifications, and other relevant factors.