Information System Security Officer

Overview

 

SMS has an immediate opening for an Information System Security Officer (ISSO) on our Cryptologic and Cyber Division (CCSD) Security team at our Lackland Air Force Base site in San Antonio, TX. Our team supports the CCSD by ensuring communications are secure and protected against Cyber threats while provide continuous access for authorized users.

 

As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.

 

SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 40 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com.

 

Submit your resume today!

Responsibilities

Position Summary:

The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture is maintained for assigned Information Technology (IT). This includes activities related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture.

 

Duties and Responsibilities

• Implement and enforce all AF cybersecurity policies, procedures, and countermeasures
• Ensure appropriate security posture: systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization artifacts
• Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRG))
• Develop Plan of Action and Milestones (POA&M) based on the assessment results
• Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level ISSM, SCA
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals so that all systems and ancillary/support systems/networks are Assessed and Authorized (A&A)
• Responsible for day-to-day security operations of a system including: physical and environmental, personnel, incident handling, and security training and awareness
• Ensure all media entered into working spaces are accounted for and in accordance with DoD, Air Force regulations, and local policy/instructions. Serve as a focal point for media control and distribution for the organization.
• Provide active system monitoring. Information System Continuous Monitoring results will be used to support continuing authorization requirements or ongoing authorizations
• Follow policies and procedures and suggest changes to policy and procedures when warranted
• Initiate exceptions, deviations, or waivers to cybersecurity requirements
• Provide written inputs and or comments to draft documentation required for A&A

Qualifications

• 2+ years of DoD Risk Management Framework (RMF)
• Information Assurance Technical (IAT) Level II 3+ years of recent Network and Advanced Computing Environment Experience
• Experience with RMF accreditation packages
• Experience in all steps of the RMF process
• Experience in evaluating security controls and compliance on a variety of hardware and software systems
• Experience with eMASS
• Experience with Exacta
• Ability to work effectively independently as well as within a team environment
• Experience with assessing ACAS scans and importing into eMASS
• Experience with TEMPEST compliance requirements.
• Demonstrated a strong work ethic and ability and willingness to take on new challenges
• Experience with writing SSPs
• Good communication and interpersonal skills
• Ability to follow policies and procedures
• Ability to communicate in a clear speaking voice as well as the ability to respond clearly to questions
• Aptitude to address negative situations, and resolve them in a positive manner
• Must hold an active TS/SCI

 

Education and Certifications

IAT-II: CCNA-Security, or GICSP, or GSEC, or Security+ CE, or SSCP

 

Desired but not required certifications: CAP or CGRC

 

SMS is a network integrator established in 1976.  With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees. 

 

SMS is an Equal Opportunity Employer.