Chiron Technology Services, Inc. currently has an Information System Security Officer I career opportunity in the Annapolis Junction, MD area. An active TS/SCI w/Polygraph Clearance is required for this position.

Requirements:

• Minimum 5 continuous years of work experience in Information Systems Security or a related field.
• Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university. Four (4) years of additional ISSO experience may be substituted for a Bachelor's degree. 

Qualifications:

• Conduct continuous monitoring of authorized, operational information systems (IS) to assess the effectiveness of security controls in an information system, on an ongoing basis, to determine system security status, which includes:

• Conducting configuration management and assist the Government with the control of information system components

• Providing security impact analyses of changes to a system or its environment of operation

• Conducting ongoing assessments of security controls

• Recommend security policies to the Government; execute technical security safeguards and operation security measures

• Access data, control information, software, hardware, and firmware

   

• Complete and maintain documentation for Security Authorization of each IS

   

• Update System Security Plans (SSPs) each time the posture (e.g., hardware and software) of an IS is modified; if the modification(s) trigger a reauthorization, the contractor shall review and update all documentation for Security Authorization

   

• Assist the Government in determining how modifications and/or introduction of new technology will impact the performance and security of their system(s)

   

• Obtain Security Authorization for ISS; operate and maintain authorized ISS in accordance with the approved SSP

   

• Provide recommendations to the Government concerning NSA/CSS authorized users access to the ISS; inspect for appropriate clearances, indoctrinations, and validate need-to-know for information

   

• Determine whether all remote and network connections meet or exceed the ISS requirements of the IS; report findings to the Government

• Administer the user identification and authentication mechanisms of the IS; when direct control of these mechanisms is not feasible, coordinate with the Government to recommend a manner in which the mechanisms can be used most effectively

   

• Remove user accounts once access to the IS is no longer required

   

• Obtain proper approvals and follow proper purging procedures when storage devices or other components capable of storing data are prepared for release

   

• Identify the appropriate color-coded classification and monitoring label stickers on all computer monitors and CPU unit/containers

   

• Provide the Government, in writing, any security weaknesses identified

   

• Recommend security improvements for the IS

   

• Assist the Government in applying physical and operational procedures to prevent a compromise of IS security, or negation of its Security Authorization

   

• Review the IS security audit documents in accordance with NSA/CSS policy and procedures

   

• Immediately report all security incidents involving ISs in accordance with NSA/CSS policies and procedures for computer security incidents

   

• Advise authorized users of security features and procedures used on the IS

   

• Assist the Government to ensure that maintenance personnel are granted only those privileges required to perform their job

• Use configuration management to maintain and protect the security posture of the IS; coordinate all changes to the operating systems software or applications software with the Government

• In coordination with the Government, participate in configuration control board activities

• Maintain records on ISs, outlining required patches/system upgrades that have been accomplished throughout an IS' s life cycle

   

• In the Government's internal tracking system, maintain records for workstations, servers, routers, firewalls, intelligent hubs, network switches, and telephony equipment; include in the records: POC, action taken (referencing any IAVA, CERTs involved), and date action completed

   

• Assist the Government with implementing and managing the Information Assurance (IA) Program

   

• Track and report organizational trends in the XACTA Information Assurance Manager (XIAM) Tool with regard to the security posture of systems, and work with the Government to resolve deficiencies or problems

   

• Assist the Government in managing common control families, as defined in CNSS Instruction No. 1253, dated October 2009

   

• Provide guidance/recommendations to the Government on IA best practices and procedures, compliant with the Risk Management Framework

   

• Serve as the IA liaison to the Government

   

• Work with the NSA Information Security Incident Response Team (NISIRT) and oversee resolution of computer security incidents and vulnerability compliance

   

• Assist the Government in the development and review of Intelligence Community (IC) and NSA/CSS policy

   

• Provide IA Workforce Improvement Program (IAWIP) support for the Government

   

• Provide communications support on non-system specific OISS plans, policies, or procedures

   

• Provide the Government assistance with special interest security activities

   

• Review and provide recommendations for cross-domain transfers

• Provide and evolve the existing Information System Security Officer (ISSO) Registration Tool in order to 1) qualify ISSOs based on experience level, skill sets, and certifications; 2) provide a fully qualified ISSO workforce that is registered, ISSO compliant, and validated with continually improving skill sets; 3) provide Information and System Security Risk Management, TS3 Management, an assessment tool to make decisions based on the ISSO workforce demographics, in order to enable effective global problem solving, logically and physically.

• As needed, respond to off duty calls for assistance with broken or non-functioning IS

We are an EEO/AA Employer. We do not discriminate in hiring on the basis of race, color, national origin, sex, gender identity, sexual orientation, religion, age, disability, protected veteran status, or any other characteristic protected by federal, state or local law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at careers@chirontech.com, let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.