Information Systems Security Officer - ISSO

Information Systems Security Officer – ISSO

What you will be doing:

As an ISSO at Praxis you will create, modify, and maintain (continuous monitoring phase) AIS and SSP documents and hard copy files. For this position, there will be opportunities to recommend and lead corporate initiatives that enhance our company’s cybersecurity posture. We expect the person that fills this position to be a self-starter with the drive to research and recommend concerns or initiatives to leadership.

What you will need:

• Bachelor's degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required. Four (4) years of additional developer experience may be substituted for a Bachelor’s degree.
• At least three (3) years of ISSO/ISSE experience
• Must be DoD 8570.1 compliant IAM Level I certification, such as the CompTIA Security+ certification. A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted.
• Attention to detail and meticulously follow critical procedures
• These are absolute must-haves
  • Experience with Risk Management Framework
  • Experience with Risk Assessments and Vulnerability Assessments
  • Experience with NIST 800-37 and 800-53
  • Experience reviewing and applying IAVAs
  • Experience with Agency Systems Security Certification & Accreditation (C&A). 
  • Experience with verification and validation for security compliance of encrypted data
  • Ability to decompose requirements
• Must have significant experience using drawing applications (MS Visio preferred) to prepare SSP supporting documentation (diagrams, etc.)
• Must have the ability to coordinate with multiple government organizations and individuals for Phase 1 or Open Door (pre-system set-up) meetings and be flexible enough to track down appropriate parties to be included
• Must have a strong understanding of the customer’s tools (Xacta, RMF, etc.), their Knowledge Center, and how to request accounts and assistance through the helpdesk
• We require significant experience using MS Office applications (Word, Excel, Outlook) to prepare SSP supporting documentation (SOPs, etc.)
• MUST have EXCELLENT communication skills; written, verbal, and follow-through. 
• You will need to be a self-starter and you MUST be someone who drives the process and does not typically wait to be told what to do.
• Must be compliant and ensure/enforce compliance with all policies and SOPs.
• Must be able to shift priorities at a moment’s notice given new directions/tasking from management.
• Must have a strong working knowledge of Systems Administration and Security Policy experience, with an interest in performing both responsibilities.

In addition, the ideal candidate will have a working knowledge of Systems Administration skills to include the following:

• Ability to adhere to and follow stringent protocol for security hardening of Windows systems 
• Perform tasks such as:
  • NTFS file/folder permission settings
  • Adding/Disabling User accounts and groups
  • Auditing/Displaying Active Directory group policies & changing user account passwords
  • Updating Anti-virus software additions, working knowledge (at least from a user perspective) of a VDI [Virtual Desktop] solution
  • Basic understanding of networking
  • Ability and willingness to assist in physically handling hardware (unbox, install on desk tops, inventory, label, etc. up to 30 lbs) is desired