Special Programs Information Systems Security Officer w/Active TS/SCI Clearance

Job opening ID

Posting title
Special Programs Information Systems Security Officer w/Active TS/SCI Clearance

Roles and responsibilities
US Citizenship and an active TS/SCI & Polygraph Eligible is required to be considered for this position
Estimated duration of 18 months with the potential for extension or conversion.
W2 with full benefits
Customer and contract specific training will be required and provided.
Some travel may be required. 
Labor Category: Computer Security Engineer V

Job Description:
Provide an ISSO III who will report to the Special Programs ISSM in a special facility for day-to-day activities.
The Special Programs Information Systems Security Officer (ISSO) reports to the group supervisor in 173F, Cybersecurity/Identity Technologies and Operations. An ISSO is responsible for ensuring the appropriate operational cybersecurity posture is maintained for all information systems and as such, works in close collaboration with the Special Programs Information Systems Security Manager (ISSM). The ISSO is assigned responsibility for the day-to-day cybersecurity operations of all information systems, and is dotted lined to the Special Programs ISSM within a facility. The Special Programs ISSO role actively ensures compliance with current Sponsor and JPL Cybersecurity policies, concepts and protective measures.
The major responsibilities of the Special Programs Level III ISSO are to:
o Support/Assist the ISSM in meeting their duties and responsibilities. The Level III ISSO may assume alt-ISSM responsibilities in the absence of the ISSM.
o The alt-ISSM should be a SME on all matters in which the ISSM has purview over, to include the Risk Management Framework (RMF)
o The alt-ISSM may serve as a mentor to junior ISSO’s as requested by the ISSM
o The alt-ISSM may also fill in as the Information Systems Security Engineer (ISSE) in order to fulfill technical requirements required within the RMF accreditation process
o Assist in maintaining the day-to-day operations of the Information System (IS) cybersecurity program, RMF requirements and policies for their assigned area of responsibility
o Shall successfully obtain DoD 8570 level III certification
o Collaborate with other ISSO’s, IT and CPSO’s when writing RMF accreditations to include: Producing /Developing security RMF documentation (e.g., System Security Plan (SSP), Security Controls Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), supporting artifacts, etc.
o Ensure all information systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the RMF authorization package
o Conduct periodic reviews of information systems to ensure compliance with the RMF package
o Assist in conducting the cybersecurity continuous monitoring required in order to maintain a successful Risk Management Framework (RMF) Authorization To Operate (ATO)
o Support the ISSM in investigating/handling all cybersecurity incidents and coordinating with the SOC, if required.
o Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM, as well as making changes within the RMF tracking database, and working with ISSM prior to the change
o May sit in the Change Configuration Board (CCB) as a delegate for the ISSM, if required
o Attend program meetings in support of the ISSM, if required
o Assist with data transfers, to include low-to-high and high-to-low
o Assist the ISSM with writing cybersecurity SOP’s in accordance with sponsor directives/requirements
o Keep abreast with industry trends, training and continuing education required to improve their technical knowledge
o Any other duties as assigned by the ISSM

Required Skills:
• The candidate must be a citizen of the United States of America
• Candidate must have a minimum of a Top Secret/SCI clearance
• A United States Government administered polygraph examination will be given to the selected candidate; he/she must pass it to maintain employment in this position
• Offer contingent on ability to successfully pass a background check and drug screen
• Typically requires a Bachelor’s degree with a minimum of 6 years of related Computer Security experience; Master’s degree with a minimum of 4 years of related experience; or PhD with a minimum of 2 years related experience
• Possess one of the Department of Defense (DoD) approved 8570 Baseline certifications for Information Assurance Manager (IAM Level 1) or plan to be certified within 6 months of hire date
• Successful experience with system hardening, configuration testing, continuous monitoring and scanning using any of the tools: SCAP, Nessus, Snort, Splunk
• Willingness to submit to a Counterintelligence polygraph
• Recent experience implementing the Intelligence Community Directive (ICD) 503 and Risk Management Framework (RMF) principles, Assessment & Accreditation lifecycle, National Institute of Standards and Technology (NIST) Special Publications including 800-53, Federal Information Processing Standard (FIPS) Publications 199 & 200, and Defense Security Service (DSS) processes including Office of the Designated Approving Authority (ODAA) Business Management System (OBMS) web based system
• Knowledge of security concepts and best practices such as defense in-depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
• Strong technical and social skills providing accountability and day-to-day support in ensuring classified automated information systems (AIS) are protected and operated in accordance with governing policies and related manuals.
• Must be a U.S. citizen with an active Top Secret clearance based upon a Single Scope Background Investigation (SSBI) within a 5-year scope and approved or previously approved for Sensitive Compartmented Information (SCI) access.

Desired Skills:
• Preferred (ISC)2 Certified Information Systems Security Professional (CISSP) or CompTIA Security+ Continuing Education (CE) certification in good standing
• Experience with Security Repository Tools such as Telos Xacta IA Manager or Trusted Agent FISMA (TAF)
• Experience and knowledge of using Security Information and Event Management (SIEM) tools including; Splunk ES to analyze relevant security events and alerts
• Implement tools and techniques in support of Insider Threat Mitigation Program

Number of positions