Senior Information System Security Officer (ISSO)

ECS is seeking a Senior Information System Security Officer (ISSO) to work in our Redstone Arsenal, AL office.  Please Note: This position is contingent upon contract award.

ECS is seeking an experienced Information Assurance professional to serve as a Senior Information Systems Security Officer (ISSO) for the FBI. As an ISSO, you will be responsible for overseeing the day-to-day operations of the FBI's information systems and applications security operations. You will work closely with key stakeholders to ensure that all systems security operations and maintenance activities are properly documented and updated as necessary.

Key Responsibilities:

• Oversee the day-to-day operations of the FBI's information systems and applications security operations
• Work with key stakeholders to ensure that all systems security operations and maintenance activities are properly documented and updated as necessary
• Assess the effectiveness of security controls against industry and customer standards
• Provide input to the Risk Management Framework (RMF) process activities and related documentation
• Develop, update, and monitor all Plans of Action and Milestones (POA&Ms) and ensure closure once requirements have been met
• Ensure that application of security patches for commercial products integrated into the system design meet the timelines dictated by the management authority for the intended operational environment
• Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements
• Participate in the Agile project management methodologies used by the FBI for release planning/tracking and continuously seek to improve all aspects of security through either experience or innovation
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Provide cybersecurity guidance to the system owner and leadership
• Verify and update security documentation reflecting the application/system security design features
• Assess the adequate access controls based on principles of least privilege and need to know
• Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed
• Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative
• Work with stakeholders to resolve computer security incidents and vulnerability compliance
• Provide advice and input for Disaster Recovery, Contingency and Continuity of Operations plans

Working Conditions:

• This position will require working in a fast-paced environment with multiple priorities and deadlines
• The ISSO will be required to work closely with stakeholders, including system owners, leadership, and other security professionals
• The ISSO will be required to maintain a high level of security awareness and be able to identify and mitigate security risks
• The ISSO will be required to work in a team environment and be able to communicate effectively with team members and stakeholders.

• Active Top Secret clearance with ability to obtain SCI and CI Poly 
• Masters Degree or 5+ years' experience in Information Assurance or related field
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
• Knowledge of cyber threats and vulnerabilities
• Knowledge of systems security testing and evaluation methods
• Knowledge of computer networking concepts, protocols, and network security methodology
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Good communication skills, both written and verbal
• Knowledge of information technology risk management policies, requirements, and procedures
• Ability to write technical documentation