Information System Security Officer (ISSO) Level 2

Top Secret SCI w/Polygraph Required

Top Secret SCI w/Polygraph Required

Information System Security Officer (ISSO), Level 2

The Level 2 ISSO position is a mid-level information system security professional that provides advice and assistance to the Government regarding secure configuration and operation of  IT assets. Level 2 ISSOs apply knowledge and experience with standard information system security concepts, practices, and procedures. Please see table for education and years of experience requirements. ISSO Level 2 contractors should possess all ISSO Level 1 qualifications plus the following desired qualifications:

a.    Thorough understanding and application of network security principles, practices, and implementations;
b.    Working knowledge of cross-functional integration of information systems into a physical security environment;
c.    Working knowledge of system functions, security policies, technical security safeguards, and operational security measures;
d.    Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers;
e.    Familiarity with detecting and preventing computer security compromises in a networked environment;
f.    Working knowledge of configuration management; system maintenance; and integration testing;
g.    Proficient in the use of tools used to prevent and/or negate malicious code;
h.    Understanding of COTS tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.);
i.    Ability to decipher and explain in clear language Intelligence Community Directive (ICD) 503;
j.    Ability to support forensics and evidentiary preservation;
k.    Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data;
l.    Demonstrated ability to translate technical information and information technology jargon into plain English;
m.    Ability to apply a risk management philosophy when faced with security challenges and the  ability to articulate the pro’s and con’s in a clear concise manner;
n.    Demonstrated proficiency with the following computer operating systems (e.g. Microsoft Windows, LINUX, UNIX, Mac OS, etc.);
o.    Analytical ability to decipher complex technical configuration management documents;
p.    Demonstrated proficiency with database maintenance;
q.    Strong ability to elicit, articulate, and document information in a well-organized manner;
r.    Demonstrated ability to work independent of close supervision;
s.    Demonstrated experience with Microsoft Office Suite; 
t.    Working knowledge of all applicable IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management (IT/IA/IM);
u.    Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels;
v.    An ability to prioritize work to meet deadlines, and to manage the workflow of the ISSO team; 
w.    Demonstrated ability to correlate audit results between various systems and/or users and notify the ISSM of any discrepancies.

Required Qualifications:

Bachelor’s Degree and 3 years of work experience or equivalent; High School/GED and 8 years of work experience; Associates Degree and 6 years of work experience or equivalent; Master's or higher AND 2 years relevant experience
Experience in the following areas is considered relevant: information technology security, information systems security, information assurance engineering.

The following qualifications are desired:

a.    Education relevant to computer engineering, information security, information management, and/or computer science 
b.    Experience in technical project management

Contractors performing ISSO functions shall possess and maintain, or obtain within six months from their arrival date, professional Information Security (IS) certification(s) appropriate for the level of duty and responsibility of their position.