Dine Development Corporation

  • Information Systems Security Officer (ISSO)

    Job Location US-MD-Fort Meade
    Posted Date 3 months ago(1/23/2018 8:51 AM)
    ID
    2018-2360
  • Overview

    NOVA Corporation is 100% tribally owned by the Navajo Nation.

    NOVA Corporation is dedicated to providing outstanding services to its customers and employees. Our strength is in our ability to understand our client's needs and deliver a solution that will not only meet those needs but exceed their expectations.

    NOVA Corporation strives to be innovative in all areas of business and is committed to technical excellence. Our corporate offices are located on the Navajo Nation reservation in Window Rock, Arizona, Chambersburg, Pennsylvania, Albuquerque, New Mexico, and Columbia, Maryland.

    NOVA Corporation provides unique, custom solutions to meet our customers’ communications needs. Our solutions provide communication capabilities using modern technology. At their most complex, they are multi-purpose systems that gather information from dozens of different sources. The information is presented to decision makers immediately, visually, clearly.

    NOVA Corporation is an equal opportunity/affirmative action employer subject to the Navajo Preference in Employment Act.

    Responsibilities

    NOVA is seeking an Information System Security Officer (ISSO) to secure multiple networks using the DoD RMF framework and assist with the transition from DIACAP to RMF. The ISSO will help shape and enhance the security and Information Assurance (IA) and cybersecurity posture for our client’s networks. This includes assisting with system classification, system authorization processes, and the drafting, tracking and following up on Plans of Actions & Milestones (POA&M's). The ISSO will be responsible for defining and executing the processes for how the client provides the status on all POA&M's and make recommendations to achieve full Authority to Operate for systems and applications. Additionally, the ISSO's duties include providing cybersecurity guidance and support to the information technology support team to ensure the proper certification and accreditation of all government systems and networks.

     

    General responsibilities:
    • Prepares, distributes, and maintains plans, instructions, guidance, and standard operational procedures     concerning Information Security.

    • Participates in IA risk assessments during the C&A process.

    • Prepares, reviews, and evaluates documentation of compliance.
    • Prepares recommendations for the AO.

    • Reviews IA and IA enabled software, hardware, and firmware for compliance with appropriate security   configuration guidelines, policies, and procedures.
    • Reviews IA security plans.
    • Identifies alternative functional IA security strategies to address organizational security concerns.
    • Reviews security safeguards to determine that security concerns identified in approved policies, plans, and   doctrine have been fully addressed.
    • Develops and implements programs to ensure that systems, network, and data users are aware of, understand, and follow IA policies and procedures.
    • Develops, implements, and maintains information security programs appropriate for multiple networks
    • Implements effective security monitoring protocols; appropriately responds to and remediates information   security threats
    • Manages information security compliance efforts, with an emphasis on regulatory requirements (DIACAP, RMF)
    • Conducts information security risk assessments and effectively communicates risk to program manager and   client
    • Interacts with various departments and individuals across the enterprise to achieve information security   objectives
    • Assures successful implementation and functionality of security requirements and appropriate IT policies and   procedures that are consistent with the organization's mission and goals
    • Develops procedures to maintain security and protect systems from security threats. Works with IT Support     Manager to ensure that best practices are incorporated into policy in support of our quality management efforts
    • Provides leadership and concurrence in configuration control, planning and implementation of projects for   computer security and enterprise systems administration
    • Ensures adherence to IA/cybersecurity policies, procedures and training for all assigned staff
    • Serves as the primary point of contact for IA/cybersecurity policy, guidance, and DIACAP Certification and   Accreditation (C&A) and RMF requirements and implementation

    Qualifications

    • Experience with DOD 8510 (DIACAP and RMF), DoD 6510 and 8500 series instructions, and NIST 800 series   guidance
    • Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulations
    • Experience working with information security practices, networks, software, and hardware
    • Strong analytical and problem solving skills for resolving security issues
    • Good organization skills to balance work and lead projects
    • Basic leadership skills to effectively mentor and lead junior level personnel
    • Good interpersonal skills to interact with customers and team members
    • Strong communication skills to interact with team members and support personnel
    • Ability to work in a team environment

     

    Certifications:
    Required: DOD 8570-01M IAT Level II certification (CompTIA Security +, CASP, CeH, or equivalent)
    Preferred: DoD 8570-01M IAT Level III certification (CISSP, CISA, or equivalent)

     

    Certifications Required

    CompTIA Security +

    Education Requirements

    Required: Minimum Associates degree in computer sciences, information security, or related field with 5-7 years’ relevant experience
    Preferred: Bachelor’s Degree in computer sciences, information security, or related field with 3-5 years relevant experience

    Certifications Preferred

    CISSP

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed