JobsEQ by Chmura Logo

Information System Security Officer (ISSO)

TestPros

Location: Tampa, Florida
Type: Full-Time, Non-Remote
Posted on: October 13, 2021
This job is no longer available from the source.
ACTIVE SECRET CLEARANCE
Company Overview:
TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 Assessment and Compliance, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.
TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world.  We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.
Job Description
TestPros is looking for an Information Systems Security Officer (ISSO) who will adhere to USAF and DoD laws, standards, policies and procedures and perform as the primary security advisor on multiple systems. At least 4 years of experience, a DoD Secret clearance, and possession of an IAT II certification is required.
Location: Tampa, FL
Citizenship: U.S. citizenship is required
Clearance: DoD Secret clearance
The ideal candidate will:
• Provide solutions and recommendations to remedy security vulnerabilities, threats, to ultimately improve the protection of IT resources and to execute the MacDill AFB mission.
• Provide guidance to other assessors on the policies and procedures of the job.
• Provide detailed assessment findings using Government-specified processes and procedures.
• Utilize assessment results to identify trends and to improve IA training, policies and processes.
• Utilize the RMF methodology to successfully implement an information technology process which shall effectively protect the element's information assets and its ability to perform its mission to include but not limited to Configuration Management.
• Utilize RMF tools such as (but not all encompassing) Enterprise Mission Assurance Support Service (eMASS), SNAP, Information Technology Investment Portfolio System (ITIPS), and Grid Interconnection Approval Process (GIAP) system for establishment of connection to the NIPR and SIPR enclaves.
Responsibilities
• Conduct comprehensive IT security control assessments on systems identified within the scope of the contract.
• Provide an assessment on the severity of weaknesses or deficiencies discovered in the information system and its environment of operation and recommend corrective actions and or controls to address identified vulnerabilities.
• Review the System Security Plan (SSP), prior to initiating the security control assessment and ensure the plan provides a set of security controls for the information system that meet the stated security requirements.
• Advise the ISSM concerning impact values for confidentiality, integrity, and availability for the information on a system.
• Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards and controls to mitigate vulnerabilities.
• Review and approve the information system security assessment plan, which is comprised of the SSP, the Security Controls Traceability Matrix (SCTM), and the Security Control Assessment Procedures.
• Ensure security control assessments are completed for each information system and ensure controls are working as intended and these controls protect the confidentiality, integrity and availability of IT resources at the appropriate levels.
• Prepare the final Security Assessment Report (SAR) containing the results and findings from the assessment at the conclusion of each security control assessment activity.
• For each completed site visit, provide a visit report.
• Support compliance with RMF controls to include, as necessary, development of Plans of Action and Milestones (POA&Ms) and mitigation of control deficiencies.
• Evaluate security control assessment documentation and provide written recommendations for security authorization to the AO.
• Assemble and submit the security authorization artifacts to the AO (consisting of, at a minimum, the SSP, the SAR, the POA&M, and a Risk Assessment Report (RAR).
• Assess the proposed changes to information systems, their environment of operation, and mission needs to determine if they are security-relevant and could therefore affect system authorization.
• Use Security controls defined by the AO and lead ISSM.
Qualifications and Skills
• U.S. Citizenship.
• 4-8 years of experience.
• DoD Secret clearance
• Bachelor’s Degree or equivalent work experience is highly preferred.
• Excellent listening skills, effective and efficient oral and written communication skills.
• Strong written, verbal communication and presentation skills – no exceptions! Ability to speak at group events, and to interface with customers.
• Solid time management, planning, organizational communication skills, and ability to scope prospective engagements, develop proposals and project plans.
• Possession of one of these IAT II (or other) certifications: • CCNA Security
• CySA+ **
• GICSP
• GSEC
• Security+ CE
CND
• SSCP
Benefits
TestPros offers a competitive salary, medical/dental/vision insurance, life insurance, paid time off, paid holidays, 401(k) retirement plan with company match, opportunities for professional growth, cell phone discounts, and much more!  All benefits are per TestPros current policies and are subject to change without notice.  Benefits are available to full-time employees.​
TestPros, Inc. is an Equal Opportunity Employer.
Experienced Employment Type: Full-Time