Information Systems Security Officer (ISSO)

Overview: CDT is looking to add a mid level Information Systems Security Officer (ISSO) to provide advice and assistance to secure configuration and operations to the customer’s IT assets. This position will be onsite in Chantilly, VA.

Clearance: An active Top Secret/SCI clearance with CI Poly is required. Candidates who do not meet these clearance requirements will not be considered.

Qualifications:

• Master’s Degree and 2 years work experience, Bachelor’s Degree and 3 years of work experience or equivalent, Associates Degree and 6 years of work experience or equivalent, High School/GED and 8 years of work experience or equivalent.

Responsibilities:

• Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
• Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
• Assists in the implementation of required government policy (e.g.,, NISPOM, DCID 6/3), and makes recommendations on process tailoring.
• Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Performs analyses to validate established security requirements and recommends additional security requirements and safeguards where required.
• Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Periodically conducts a review of each system’s audits and monitors corrective actions until all actions are closed. 

Desired Qualifications:

• Provide guidance on system security, assessment and authorization issues, and INFOSEC policy and security vulnerabilities.
• Support comprehensive investigations into all related data spills and IT incidents at both government and contractor sites.
• Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data.
• Development and maintenance of all SSP documentation and risk analysis.
• Responsible reporting of security related incidents including development of protective or corrective measures to discover vulnerabilities.
• Familiarity with conducting research and analysis, network and information system security principles and best practices, and controlling, labeling, virus scanning, and transferring data between information systems at varying classification levels.

CDT is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.