Overview

  • The Jr ISSO shall be a part of the Information Assurance team that will upgrade and maintain the security posture of all standalone and networked environments at Blossom Point
  • Maintain operational security posture for programs and information systems
  • Support information security accreditation activities in compliance with all federal government policy and procedures
  • Perform vulnerability/risk assessment analysis to support continuous monitoring and security control testing.
  • Prepare and review relevant documentation to include System Security Plans (SSPs), Standard Operating Procedures (SOPs), Risk Assessment Reports, Remediation Plans, Plan of Actions and Milestone (POAM), Configuration Management Plan, Incident Response Plan, etc
  • Contribute to Assessment and Authorization (A&A) packages, and System Requirements Traceability Matrices (SRTMs).

  • Requires Bachelor’s degree or equivalent in the fields of mathematics, telecommunications, electrical engineering, computer engineering, or computer science or 4 years related experience
  • Some technical knowledge in security policy, information assurance, and IT systems engineering
  • Must possess analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
  • IT system and application engineering background with experience in Windows, Linux, and virtual environments, active directory, and networking is desired
  • Experience with certification testing, Risk Management Framework (RMF), information assurance tools, DoD STIG, and vulnerability assessment is desired
  • Security Information and Event Management tools – LogRhythm, ArcSight, NetWitness, Splunk Enterprise Security, AlienVault, or SolarWinds Log and Event Manager experience is desired
  • Experience reviewing and developing accreditation/certification packages
  • Knowledge of risk assessment tools, disaster recovery, technologies and methods
  • Experience planning, researching, and developing security policies, standards and procedures
  • Excellent written, oral, and interpersonal communication skills. Ability to communicate information assurance issues to peers and management
  • Ability to instruct and train site personnel on cyber security awareness
  • Self-starter requiring minimal supervisory direction and oversight