The Computer Merchant, Ltd. ISSO Specialist II in Lexington, Massachusetts

Reference # : 17-01427 Title : ISSO Specialist II Category: Information Technology

Location :

Lexington, MA

Position Type : Contract Experience Level : 5 Years Start Date / End Date : 07/03/2017 / 06/29/2018

Description Information Systems Security Officer

Job Responsibilities:


  • Develops and tailors Self Inspection Program to meet local needs

  • Develops procedures, selects tools for reviewing audits systems/infrastructure for performance, usage and compliance

  • Conducts vulerability scanning, assesses vulernabilites & makes recommendations after determining best measure to mitigate threat; enforces necessary requirements to meet sponsor compliance Systems Administration/Network Management

  • Develops and excerises procedures for software patch/antivirus updates/data backups to all systems in accordance with the SSP

  • Develops and applies security lockdown policies to operating systems including Windows/Red Hat Linux, and Solaris

  • Manage, install, and configure hardware and software as needed. Ability to perform system administrator duties configuring Active Directory services, DNS, advanced scripting, develops backup and recovery procedures, system imaging/setup, and domain configuration. In-depth knowledge with setting file and folder permissions.

  • Participates in the development of networks to meet customer and sponsor needs

  • Troubleshoots computer issues on networks and stand alone systems

  • Installs/updates/troubleshoots system software

Develops and maintains formal IT Security Plan

  • Develops local procedures/checklists

  • Assists ISSM implementing ICD/JSIG RMF standards and creates local policy. Ensures systems are operated and maintained IAW guidance and Sponsor policy System Validation

  • System compliance per governing document

  • Develops and manages Configuration Management program, reviews and makes recommendations regarding systems performance and security posture Customer Service/User Training

  • Responds to user requests and resolves complex issues such as locked out accounts, transfer of data, file recovery, software approval and installation, and assorted troubleshooting. Assists ISSM in developing improvement plans to counter adverse trends

  • Develops media transfer procedures/guides Designated Transfer Agent process

  • Coordinates waivers or exception to policies

  • Conducts initial and annual user training


Technical experience and skill securing operating systems such as Linux, Windows Server/client OS, and virtualization technologies.

Experience using vulnerability scanning tools such as NESSUS, SCAP, RETINA, WASP, SECSCN

Experience using audit reduction tools, and endpoint security products.


Working experience directly related to certification and authorization using the following:

NIST 800-53 / Risk Management Framework (RMF)

Joint SAP Implementation Guide (JSIG)

Intelligence Community Directive (ICD) 503

National Industrial Security Program Operating Manual (NISPOM) Chapter 8

Joint Air Force, Army, Navy (JAFAN) 6/3

Education/Professional Certifications

AS/BS degree in Computer Science, Information Technology, Computer Information Systems, or related field.

5 years of IT Security experience in DoD Industrial Security is desired, preferably in a compartmented program environment.

DoD 8570 IAM Level I Baseline Certification required within 6 months of assuming responsibilities.


Top Secret

Ability to acquire SCI

TCM is an EEO/Vets/Disabled Employer.