information system security officer

ConvoCourses Podcast: RMF ISSO Assignment SSP

January 30, 2022 by Leave a Comment

RMF ISSO Assignment https://securitycompliance.thinkific.com/courses/rmf-isso-assignments-101

https://securitycompliance.thinkific.com/courses/cybersecurity

check out our courses at:
http://convocourses.com

0:00 Convocourses screen
4:29 Convocoures Big Thank you
6:11 Free Training on NIST 800-37 on Convocourses
8:11 New to the ISSO no technical background Where do I get training
19:11 CISSO vs ISSO RMF convoCourses
31:49 Have I Ever Resubmitted a Resume I have already applied for
34:30 ISSO or Cybersecurity Analyst (which should I do)
41:30 ISSO Assignment – System Description for SSP
47:30 From ISSO to SCA (my opinion)
59:52 Remote Work From Home Since 2015
01:05:00 Post Your Cybersecurity Course on Convocourses
01:11:14 Can I Become an ISSO with No Experience
01:20:49 ISSM vs ISSO roles
01:45:46 Do I Need a Masters Degree or CISSP for ISSO
01:32:04 Convocourses podcast
01:33:21 IT position for Working Remote
01:47:17 Looking for SCA Courses and Reading Comments
01:50:00 Resume Marketing for Cybersecurity IT
01:53:52 Thank you Convocourses

Podcast: Play in new window | Download

ISSO II @ Schriever AFB

February 23, 2020 by Leave a Comment

The ISSO’s primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.

Performance shall include:

Review, prepare, and update AIS authorization packages
Notify customer when changes occur that might affect AIS authorization
Perform AIS self-inspections, provide security coordination and review of all system test plans
Identify AIS vulnerabilities and implement countermeasures
Represent the customer on various technical review and inspection teams
Conduct security surveys at subordinate facilities and gather pertinent security documentation for inclusion into system authorization packages
Coordinate, prepare, and track AIS inspections, reports, and responses
Maintain AIS security records and prepare Co-Utilization Agreements for network nodes operating in government facilities
Prepare reports on the status of security safeguards applied to computer systems
Ensure AIS and network nodes are operated, maintained, and disposed of in accordance with security policies and practices
Perform ISSO duties in support of in-house and external customers
Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts
Review, track, and conduct AIS training
Experience:

4 years related experience
Education:

Bachelor’s degree or equivalent experience (4 years)
Certifications:

Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level 2 within 6 months of the date of hire
Security Clearance:

Current Top Secret Clearance with SCI Eligibility
Eligibility for access to Special Access Program Information
Willingness to submit to a Counterintelligence polygraph
Other Requirements:

Must be familiar with current security policy/manuals Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel and industry partners
Working knowledge of Microsoft Office (Word, PowerPoint, and Excel)
Possess a high degree of originality, creativity, initiative requiring minimal supervision
Willingness to travel within the organizational geographic Area of Responsibility (AOR) (note – could be extensive, and will include both air and ground transportation)

PL Consulting, Inc. Dedicated to Cyber Security

A Service Disabled Veteran Owned Small Business

C: 443.880.7716 O: 571.525.2477

https://www.plcinc.us/

Information System Security Officer DC

April 5, 2019 by Leave a Comment

checkout the courses:
http://securitycompliance.thinkific.com

****
Title: Information System Security Officer (#ISSO)
Location : Washington, DC
Duration : Full time

Active Clearance required.

Description:
The contractor shall assist the government in the assessment process for all new and legacy systems to determine the security requirements associated with each system. The contractor shall interact with both technical and non-technical personnel in order to conduct a comprehensive review of a system, network or application. This is a technical role requiring moderate to advanced knowledge of security engineering, the #ATO process, enterprise monitoring, and incident response. The contractor shall assist in building or refining the program to achieve the assessment process. The contractor shall work with various elements of the cybersecurity team to understand roles, missions and requirements in order to inform this process.

Minimum Qualifications and Experience
At least 3 years serving as an Information Systems Security Officer (ISSO) at a cleared facility.
Minimum of 5 years work experience in a computer science- or Information Assurance-related field.
At least one of the following certifications: Certified Information Systems Security Professional (#CISSP), Global Information Security Professional (#GISP), or the CompTIA Advanced Security Practitioner (#CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction #8570.1 IAM Level III proficiency.
Familiarity with the use and operation of security tools including Tenable. Nessus and/or SecurityCenter, IBM Guardium, Client Weblnspect, or like applications and Network Mapper (#NMAP).
A bachelor’s or advanced degree in Computer Science, Information Assurance, or Engineering is preferred.

Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (703) 261-7028 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(703) 261-7028 Ext.267

Information System Security Officer sunnyvale, CA

April 4, 2019 by Leave a Comment

check out my courses:
http://securitycompliance.thinkific.com

*****
the job in this video:
Job Title: Information Systems Security Officer
Location: Sunnyvale, CA
Duration: 6 Months (Possible extension)

Secret Clearance

Job Description:
Performs system and program auditing to ensure compliance to system security plan.
Conducts risk assessments and provides recommendations for secure implementation and compliance in accordance with government regulations and information assurance/cybersecurity guidelines. Creates, maintains and submits information system security documents and reports to regulatory agencies and leadership.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security documentation; assists with the implementation of security procedures; verifies information system security requirements; performs information system certification and accreditation planning, testing, assessing and liaison activities.
Familiar with information system security architectural documentation standards.
Able to apply information assurance / cyber security standards, directives, guidance and policies to an architectural/risk based framework.
Provide architectural / risk based analysis of information assurance / cyber security features and relate existing system to future needs and trends and requirements.

Skills Required
Windows client/server background. Some UNIX/LINUX technical experience, knowledge of OS security requirements and IS (Information Systems) auditing experience.
HBSS and SIPRNet experience required.

Experience Required
Previous ISSO and SIPRNet experience needed.

Education Required
Bachelor or equivalent work experience.

Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

Sincerely yours,
ZoeyWest
E TalentNetwork

Home

8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(703) 261-7028 Ext.267

Information security officer

July 2, 2014 by Bruce Brown Leave a Comment

Information security officer (aka Information system security officer, ISSO) is an important role in the risk management process. In fact, they are often the foot soldiers “charging the hill” during the entire risk management framework process.. (or sometimes, “ice skating uphill”).

The information system security role begins at the Initial phase of the System Development Lifecycle (SDLC). According to the NIST SP 800-37, “The information system security officer is an individual responsible for ensuring that the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the information system owner”. In the legacy DIACAP days this role was called Information Assurance Officer (IAO). The ISSO is created and managed by the Information System Security Manager (ISSM).

The information security officer is often expected to do multiple security disciplines not limited to: technical, administrative or even physical security.

From a technical perspective, the ISSO can be tasked with doing continuous monitoring of threats, data loss prevention, detecting and resolving vulnerabilities using tools like security information and event managers (SIEM), vulnerability scanners, and anti-virus servers. They may assist the system administrators in implementing required security patches. They may have to review code for security flaws, help with initial security architectures, conduct incident handling or any number of technical security tasks.

The administrative “to do list” of an information security officer might include creating, editing or reviewing security policies. They may write standards, guideline and best practices related to the security features of systems. Paperwork and policy in security requires a LOT of meetings and coordination with other parts of an organization. The ISSO must be very good at dealing with technical subject matter experts and managers at every level since they are often the one in the middle of everything.

Information security officer’s are sometimes in-charge of making sure the physical security surrounding the information system is commensurate with the level of the information that needs to be protected. That means that if the information on the asset is classified it may have to have MORE physical security than a system that has data processed on a web server for the public. To do this, the ISSO will have to work with facility managers, security guard services and even building developers (in some cases). They may also have to do crypto security.

The overall job of the ISSO is to maintain the security posture and security baseline of the system. For this reason they often wear many hats.