Information System Security Officer (ISSO)
Overview:
Delaware Nation Industries is supporting the Naval Surface Warfare Center Dahlgren Division Dam Neck Activity (NSWCDD DNA). We will be providing enterprise management and technical support of the Naval Surface Warfare Center Dahlgren Division Dam Neck Activity (NSWC DD DNA) by providing assistance in policy, procedures, seat refresh, engineering/technical solutions, ordering to Next Generation Enterprise Network (NGEN) and the Naval Networking Environment (NNE) strategy.
Job Summary: The RMF Analyst will assist in developing RMF accreditation packages and assist in maintaining Authorization to Operate (ATO) certifications for networked systems and applications used by the organization. The RMF Analyst will assist in the development of information system documentation and the provision of a designated set of common controls for the authorization package, including the executive summary, system security plan, privacy plan, security control assessment, privacy control assessment, and any relevant plans of action and milestones.This system certification documentation must comply with DoD and Civilian Agency policy focused on NIST 800-37, NIST 800-53 rev 4.
Responsibilities:
- Monitor and assess existing Information Security Management and Security Technical Architecture, regulations, and controls (FIPS, NIST, DISN Connection Process Guide(CPG), Navy RMF Process Guide (RPG), Navy Testing Guidance)
- Assess proposed Information Security Management and Security Technical Architecture, regulations, and controls (FIPS, NIST, DISN CPG, Navy RPG, Navy Testing Guidance)
- Maintain regular meetings/notes and informal dialog with RDT&E Lab Managers and ISSOs to keep them abreast of upcoming Department Information Office (DIO) requirements and to gather specifics on their capability and core support requirements and trends
- Maintain records in the Enterprise Mission Assurance Support Service (eMASS)
- Evaluating technical testing from Assured Compliance Assessment Solution (ACAS) scans, Evaluate STIG, eMASSter), and Security Technical Implementation Guide Viewer tool using FMATS or other NAVSEA or DoD-approved toolset.
- Monitor security access, passwords, badges, log-ins, to keep a site or system safe
- Use firewalls and information security standards to keep their organization secure
- Perform security assessments, vulnerability testing and risk analysis
- Conduct security audits internal and external
- Identify the cause of security breaches
Qualifications:
- DoD Top Secret Security Clearance
- 7+ Years of Experience in Cyber Security
- Bachelor Degree or Equivalent Work Experience
- Familiarity with NIST IT Security Special Publication (SP) 800 Series with emphasis on NIST SP 800-37 and NIST SP 800-53 rev 4/5
- Cyber Security Workforce level IAM II/III CASP,CISM, or CISSP preferred
- Forensics analysis familiarity
- Experienced STIG reviewer
- Microsoft Visio and Microsoft Project user
Desired:
- Navy Qualified Validator (NQV) Level II
- Familiarity with ACAS, RedSeal, and Carbon Black
- Familiarity with the Vulnerability Remediation Asset Manager (VRAM) web tool
- Familiarity with the Continuous Monitoring and Risk Scoring (CMRS) web tool
AAP/EEO Statement:
DNI complies with all federal, state and local laws designed to protect employees and job applicants from discrimination based on race, religion, color, sex, parental status, national origin, age, disability, genetic information, military service, or other non-merit-based factors.
Other Duties:Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.