The Computer Merchant, Ltd. ISSO Specialist II in Lexington, Massachusetts
Reference # : 17-01427 Title : ISSO Specialist II Category: Information Technology
Position Type : Contract Experience Level : 5 Years Start Date / End Date : 07/03/2017 / 06/29/2018
Description Information Systems Security Officer
Develops and tailors Self Inspection Program to meet local needs
Develops procedures, selects tools for reviewing audits systems/infrastructure for performance, usage and compliance
Conducts vulerability scanning, assesses vulernabilites & makes recommendations after determining best measure to mitigate threat; enforces necessary requirements to meet sponsor compliance Systems Administration/Network Management
Develops and excerises procedures for software patch/antivirus updates/data backups to all systems in accordance with the SSP
Develops and applies security lockdown policies to operating systems including Windows/Red Hat Linux, and Solaris
Manage, install, and configure hardware and software as needed. Ability to perform system administrator duties configuring Active Directory services, DNS, advanced scripting, develops backup and recovery procedures, system imaging/setup, and domain configuration. In-depth knowledge with setting file and folder permissions.
Participates in the development of networks to meet customer and sponsor needs
Troubleshoots computer issues on networks and stand alone systems
Installs/updates/troubleshoots system software
Develops and maintains formal IT Security Plan
Develops local procedures/checklists
Assists ISSM implementing ICD/JSIG RMF standards and creates local policy. Ensures systems are operated and maintained IAW guidance and Sponsor policy System Validation
System compliance per governing document
Develops and manages Configuration Management program, reviews and makes recommendations regarding systems performance and security posture Customer Service/User Training
Responds to user requests and resolves complex issues such as locked out accounts, transfer of data, file recovery, software approval and installation, and assorted troubleshooting. Assists ISSM in developing improvement plans to counter adverse trends
Develops media transfer procedures/guides Designated Transfer Agent process
Coordinates waivers or exception to policies
Conducts initial and annual user training
Technical experience and skill securing operating systems such as Linux, Windows Server/client OS, and virtualization technologies.
Experience using vulnerability scanning tools such as NESSUS, SCAP, RETINA, WASP, SECSCN
Experience using audit reduction tools, and endpoint security products.
Working experience directly related to certification and authorization using the following:
NIST 800-53 / Risk Management Framework (RMF)
Joint SAP Implementation Guide (JSIG)
Intelligence Community Directive (ICD) 503
National Industrial Security Program Operating Manual (NISPOM) Chapter 8
Joint Air Force, Army, Navy (JAFAN) 6/3
AS/BS degree in Computer Science, Information Technology, Computer Information Systems, or related field.
5 years of IT Security experience in DoD Industrial Security is desired, preferably in a compartmented program environment.
DoD 8570 IAM Level I Baseline Certification required within 6 months of assuming responsibilities.
Ability to acquire SCI
TCM is an EEO/Vets/Disabled Employer.