The Information Systems Security Officer (ISSO) position at TekSynap is currently open for applications. The ISSO will have the responsibility of ensuring the credibility of security audits and will report directly to the Program Manager. The role involves overseeing the implementation, monitoring, and maintenance of security practices and procedures on a daily basis. The ISSO will also be responsible for developing and updating system security documentation and conducting vulnerability scans. Applicants must have a minimum of 5 years of experience as an ISSO at a cleared facility and possess an active TS/SCI + Poly clearance. The successful candidate will have expertise in data entry in eMASS and Xacta and be familiar with the Risk Management Framework (RMF) process. The ISSO will join the ORCHID PROGRAM team and work at the Liberty Crossing Intelligence Campus in Tysons, VA, and the Intelligence Community Campus in Bethesda, MD. TekSynap offers a competitive benefits package to its employees.
Read more about the Job you will love
Responsibilities
Level of oversight and credibility of security audits
The Information Systems Security Officer (ISSO) is responsible for ensuring the level of oversight and credibility of security audits. This includes conducting thorough audits of the organization’s security systems and processes to identify any vulnerabilities or weaknesses. The ISSO will use their expertise to evaluate the effectiveness of the current security controls in place and make recommendations for improvements as necessary. They will also ensure that all audits are conducted in accordance with industry standards and best practices to maintain the credibility of the organization’s security program.
Reporting to the Program Manager
The ISSO reports directly to the Program Manager, providing regular updates on the status of security audits and any identified vulnerabilities. They will communicate any potential risks or concerns to the Program Manager in a timely manner, allowing for appropriate action to be taken. This includes documenting and reporting all security incidents and breaches to the Program Manager and working collaboratively to develop and implement mitigation strategies.
Working with the Quality Manager
The ISSO works closely with the Quality Manager to conduct security audits and ensure the effectiveness of the organization’s security controls. They will collaborate on the development and implementation of security policies and procedures, ensuring alignment with industry standards and best practices. The ISSO will also provide support to the Quality Manager in monitoring and assessing the organization’s compliance with security regulations and requirements.
Implementation and maintenance of security configuration
The ISSO is responsible for the day-to-day implementation and maintenance of the security configuration within the organization. This includes establishing and enforcing security protocols, conducting regular assessments to identify any potential vulnerabilities, and taking appropriate action to mitigate risks. The ISSO will also work closely with other IT personnel to ensure that all security controls are properly implemented and maintained.
Liaison support between system owner and IS security personnel
As a liaison, the ISSO acts as a bridge between the system owner and the IS security personnel. They facilitate communication and collaboration between these two parties, ensuring that all security concerns and requirements are effectively addressed. The ISSO will also provide guidance and support to both the system owner and the IS security personnel to ensure that all security controls are properly implemented and maintained.
Implementation of selected security controls
The ISSO is responsible for implementing selected security controls within the organization. This includes determining the appropriate security controls based on the organization’s risk assessment and regulatory requirements. The ISSO will work closely with other IT personnel to ensure that these security controls are properly implemented and integrated into the organization’s systems and processes.
Development and maintenance of system security documentation
The ISSO is responsible for the development and maintenance of all system security documentation. This includes creating and updating security policies, procedures, and guidelines to ensure that they reflect current best practices and regulatory requirements. The ISSO will also ensure that all system security documentation is accessible and available to the appropriate personnel within the organization.
Conducting vulnerability scans
The ISSO is responsible for conducting regular vulnerability scans to identify any potential weaknesses or vulnerabilities in the organization’s systems and processes. This includes using specialized software and tools to scan and assess the security of the organization’s network, applications, and infrastructure. The ISSO will document and report any identified vulnerabilities and work collaboratively with the IT team to develop and implement appropriate mitigation strategies.
Development of POAMs
The ISSO is responsible for the development of Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities. This includes identifying and prioritizing the necessary actions and steps to address each vulnerability, assigning responsibility for each action, and establishing target completion dates. The ISSO will ensure that all POAMs are regularly reviewed and updated to reflect the current status of vulnerability mitigation efforts.
Ensuring traceability of vulnerabilities
The ISSO is responsible for ensuring traceability of all vulnerabilities from raw assessment results to the POA&M. This includes documenting and tracking the status of each vulnerability throughout the mitigation process, ensuring that all necessary actions are taken to address each vulnerability, and providing regular updates on the progress of vulnerability mitigation efforts. The ISSO will also work closely with the IT team to validate and verify the effectiveness of vulnerability mitigations.
Qualifications
Active TS/SCI + Poly clearance
The ISSO must possess an active TS/SCI + Poly clearance to access and protect classified information. This clearance demonstrates the individual’s trustworthiness and ability to handle sensitive and classified information in their role as an ISSO.
Active IAM II or III certification
The ISSO must hold an active IAM II or III certification, which demonstrates their proficiency and expertise in information assurance and cybersecurity. These certifications validate the individual’s knowledge and skills in implementing and managing security controls and policies.
BS/BA degree in related field
The ISSO is required to possess a bachelor’s degree in a related field, such as computer science, networking, software engineering, or information security. This educational background provides the necessary foundation and knowledge to fulfill the responsibilities of the role.
Minimum 5 years experience as ISSO
The ISSO must have a minimum of 5 years of experience serving as an Information Systems Security Officer (ISSO) at a cleared facility. This experience demonstrates the individual’s understanding of security principles, processes, and best practices, as well as their ability to effectively implement and manage security controls.
Experience in computer science or Cybersecurity
The ISSO should have experience in the field of computer science or cybersecurity. This experience provides the necessary knowledge and skills to effectively assess, implement, and maintain security controls within an organization’s systems and processes.
US Citizen
The ISSO must be a US citizen to fulfill the requirements of the role, which may involve accessing and protecting sensitive and classified information.
Read more about the Job you will love
Overview
Supporting the ORCHID PROGRAM at Liberty Crossing Intelligence Campus and Intelligence Community Campus
The ISSO will be supporting the ORCHID PROGRAM at Liberty Crossing Intelligence Campus in Tysons, VA, and Intelligence Community Campus in Bethesda, MD. This program involves providing comprehensive information management services and support to the Intelligence Community. The ISSO’s role will be crucial in ensuring the security and integrity of the program’s systems and data.
TekSynap as a high-tech company
TekSynap is a high-tech company that specializes in providing advanced technology solutions to government and commercial clients. As an ISSO with TekSynap, individuals will have the opportunity to work in a dynamic and innovative environment, leveraging the latest technologies and best practices in information security. TekSynap values a collaborative and results-driven approach to work, fostering a culture of excellence and continuous improvement.
Comprehensive information management environment
The ORCHID PROGRAM at Liberty Crossing Intelligence Campus and Intelligence Community Campus operates in a comprehensive information management environment. This environment requires robust security measures to protect the sensitive and classified information processed and stored within the program’s systems. The ISSO will play a critical role in ensuring that these security measures are implemented and maintained effectively.
Benefits package for employees
TekSynap offers a competitive benefits package to its full-time employees, including health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time, and holidays. These benefits demonstrate TekSynap’s commitment to providing a supportive and rewarding work environment for its employees. By joining TekSynap as an ISSO, individuals can take advantage of these benefits and enhance their professional development and personal well-being.
COMPETENCIES
Establish Focus
The ISSO will demonstrate their ability to establish focus by clearly defining the goals and objectives of their security audits and activities. They will identify and prioritize the most critical areas of concern and develop strategies and plans to address them effectively. By establishing focus, the ISSO will ensure that their efforts are directed towards achieving the desired outcomes and mitigating the highest risks.
Change Management
As an ISSO, the individual will be responsible for implementing changes to the organization’s security policies, procedures, and practices. They will need to effectively manage and communicate these changes to stakeholders and employees, ensuring a smooth transition and minimal disruption to operations. The ISSO will also be responsible for addressing any resistance or challenges to change and facilitating the adoption of new security measures.
Develop Others
The ISSO will have opportunities to develop and mentor other IT and security personnel within the organization. They will provide training, guidance, and feedback to enhance the knowledge and skills of their team members. By developing others, the ISSO will contribute to the overall professionalism and effectiveness of the organization’s security program.
Oral Communication
Effective oral communication is essential for the ISSO to convey information, instructions, and recommendations to stakeholders, employees, and other team members. The ISSO will need to communicate complex security concepts and requirements in a clear and concise manner, ensuring that all stakeholders understand their roles and responsibilities. They will also need to listen actively and respond appropriately to questions and concerns raised by others.
Written Communication
The ISSO will be responsible for developing and maintaining various system security documentation, including security policies, procedures, guidelines, and reports. Strong written communication skills are necessary to articulate complex security concepts and requirements effectively. The ISSO’s written communication will be clear, concise, and organized, ensuring that information is easily understood and accessible to the intended audience.
Interpersonal Awareness
The ISSO will need to demonstrate interpersonal awareness by understanding and considering the needs, concerns, and perspectives of others. They will interact with stakeholders and employees from various backgrounds and levels of expertise, adapting their communication and approach accordingly. The ISSO will also need to build and nurture professional relationships to foster collaboration and cooperation.
Build Relationships
As an ISSO, the individual will need to establish and maintain positive and productive relationships with stakeholders, employees, and other security personnel. They will collaborate with cross-functional teams, share information and knowledge, and seek input and feedback from others. By building strong relationships, the ISSO will create a supportive and collaborative work environment that fosters effective security practices.
Analytical Thinking
Analytical thinking is crucial for the ISSO to assess, evaluate, and interpret complex security data, reports, and logs. They will analyze security vulnerabilities, identify patterns and trends, and make informed decisions based on the available information. The ISSO’s analytical thinking will enable them to identify potential risks and provide recommendations for mitigating strategies.
Conceptual Thinking
The ISSO will engage in conceptual thinking to understand and evaluate the organization’s security architecture, frameworks, and strategies. They will consider the broader context and implications of security decisions and initiatives. Conceptual thinking will enable the ISSO to develop effective and efficient security controls and processes that align with the organization’s overall objectives and requirements.
Strategic Thinking
Strategic thinking is essential for the ISSO to align security initiatives and activities with the organization’s long-term goals and objectives. They will develop and implement security strategies and roadmaps that anticipate future threats and challenges. By thinking strategically, the ISSO will ensure that security measures are proactive, adaptable, and aligned with the organization’s evolving needs.
Technical Expertise
The ISSO will possess technical expertise in the field of information security and cybersecurity. They will have a deep understanding of security principles, concepts, technologies, and best practices. The ISSO’s technical expertise will enable them to effectively evaluate and implement security controls and solutions that protect the organization’s systems and data.
Initiative
The ISSO will demonstrate initiative by taking proactive steps to identify and address potential security risks and vulnerabilities. They will stay up to date with the latest security trends and developments, seeking opportunities to enhance the organization’s security posture. The ISSO’s initiative will drive continuous improvement and innovation within the organization’s security program.
Foster Innovation
The ISSO will foster innovation by encouraging and supporting creative and forward-thinking approaches to security challenges. They will explore emerging technologies, methodologies, and best practices to enhance the organization’s security capabilities. The ISSO’s innovation mindset will drive the adoption of cutting-edge security solutions and practices.
Results Oriented
The ISSO will be results-oriented, focusing on achieving tangible security outcomes and objectives. They will set clear goals and expectations, monitor progress, and take corrective actions as necessary. The ISSO’s results-oriented approach will ensure that security measures are effective, efficient, and aligned with the organization’s risk appetite and regulatory requirements.
Teamwork
Effective teamwork is essential for the ISSO to collaborate with stakeholders, employees, and other IT and security personnel. They will actively contribute to team discussions and decision-making processes, leveraging diverse perspectives and expertise. The ISSO’s teamwork skills will foster a positive and collaborative work environment that promotes the achievement of shared security goals.
Customer Service
The ISSO will provide exceptional customer service to stakeholders, employees, and other users of the organization’s systems and data. They will respond promptly and courteously to inquiries, requests, and concerns, ensuring the highest level of satisfaction. The ISSO’s customer service mindset will prioritize the needs and expectations of users, enhancing the overall user experience.
WORK ENVIRONMENT AND PHYSICAL DEMANDS
Location(s): WASHINGTON METRO AREA (WMA) (Tysons, VA &/or Bethesda, MD)
The ISSO will work in the Washington metro area, specifically in Tysons, VA and/or Bethesda, MD. These locations are central to the ORCHID PROGRAM at Liberty Crossing Intelligence Campus and Intelligence Community Campus, providing convenient access to the organization’s facilities and resources.
Type of environment: Office
The ISSO will work primarily in an office environment, which is conducive to performing administrative and analytical tasks related to their role. The office environment ensures a professional and focused atmosphere for the ISSO to fulfill their responsibilities effectively.
Noise level: Low
The office environment associated with the ISSO role is characterized by a low noise level. This allows the ISSO to concentrate, analyze information, and communicate effectively without significant distractions.
Work schedule: Day shift Monday – Friday
The ISSO will follow a standard day shift schedule from Monday to Friday. This schedule provides consistent working hours and allows for regular collaboration and communication with stakeholders, employees, and other team members.
Amount of Travel: Local travel between two sites
The ISSO may be required to travel locally between the two sites associated with the ORCHID PROGRAM. This travel will be based on the specific needs and requirements of the program and may involve visiting various organizational facilities and locations.
Physical Demands: Use of hands, standing, walking, lifting
The ISSO may engage in physical activities associated with their role, including using their hands for administrative tasks, standing or walking within office spaces, and occasional lifting of objects up to a certain weight. Reasonable accommodations will be made to enable individuals with disabilities to fulfill the physical demands of the role.
WORK AUTHORIZATION/SECURITY CLEARANCE
U.S. Citizenship
The ISSO must be a U.S. citizen to fulfill the security requirements of the role. This ensures compliance with government regulations and facilitates access to classified and sensitive information.
TS/SCI + Poly clearance
The ISSO is required to possess an active TS/SCI + Poly clearance to access and handle classified and sensitive information. This clearance demonstrates the individual’s trustworthiness and eligibility to work on projects and programs involving national security.
OTHER DUTIES
Job description is not comprehensive
The job description provided for the ISSO role is not comprehensive and may not include all activities, duties, or responsibilities expected of the individual in the role. The ISSO may be assigned additional tasks or responsibilities based on the evolving needs and requirements of the organization.
Duties, responsibilities, and activities may change
The duties, responsibilities, and activities associated with the ISSO role may change over time. As the organization’s security needs and technology landscape evolve, the ISSO may be required to adapt and develop new skills or expertise to fulfill their responsibilities effectively.
EQUAL EMPLOYMENT OPPORTUNITY
Employment decisions based on merit and qualifications
TekSynap’s employment decisions are based on merit and qualifications. This ensures that individuals are selected and promoted based on their abilities, skills, and experience. TekSynap is committed to providing equal employment opportunities to all individuals, regardless of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law.
Non-discrimination policy
TekSynap has a non-discrimination policy in place, which prohibits any form of discrimination in all aspects of employment, including recruitment, hiring, promotions, compensation, benefits, and termination. This policy ensures that all individuals are treated fairly and equitably, regardless of their personal characteristics or backgrounds.
Equal opportunity for individuals with disabilities
TekSynap is committed to providing equal employment opportunities for individuals with disabilities. Reasonable accommodations will be made to enable individuals with disabilities to participate in the job application process and perform the essential functions of their roles. TekSynap values diversity and inclusion, recognizing the unique perspectives and contributions that individuals with disabilities bring to the workplace.
