Information System Security Officer (Nellis AFB) - 33099
- Las Vegas, NV
Provide expertise in information and computer system security. Plan, manage, and execute accreditation efforts as directed by the USAFWC/VTTC. These efforts include, but are not limited to: authorization packages to obtain Authorizations to Operate and Connect, preparation of information and artifacts for IATT/ATO/ATC submission, management of risk and conducting risk assessments, conducting annual security reviews and scans, reporting security posture of all networks and information system enclaves within the VTTC, and enterprise-level information assurance efforts to maximize efficiency across the VTTC effort. Ensure VTTC systems are in compliance with the requirements of the Risk Management Framework (RMF), National Institute of Standards and Technology Special Publications (NIST SP), Federal Information Processing Standards Publication (FIPS), and AFI 17-101. The Contractor shall generate and maintain System Security Plans, support Continuous Monitoring (CM), and create Plans of Action and Milestones (POA&M) for non-compliant and non-applicable controls. Additionally, the Contractor shall schedule and conduct ACAS scans, perform and document initial training for all personnel requiring access to any classified VTTC IS, and ensure Configuration Management (CM) of each IS. Finally, the Contractor shall track accreditation/cybersecurity status for all persistent system connections (external and internal), ensure the interconnection of external sites/units across various networks for regular training, ensure networks are installed and operated in accordance with established directives, and support maintenance of network Interconnection Security Agreements (ISA) with external sites.
KSA Requirements: ISSO for VTTC shall have the following:
- DoD 8570.1 IAM-Level II certification (e.g., CAP, CASP CE, CISSP, GSLC, CISM)
- 3 years of system security engineering experience in conducting information system security assessments; evaluating IA and Cybersecurity security controls; and conducting and supporting RMF activities in Steps 1 – 5.
- Strong working knowledge of S/SAP enclave accreditation and ACAS operations
- Strong working knowledge of RMF, Defense Information Assurance Certification and Accreditation Process (DIACAP), and Joint Special Access Program (SAP) Implementation Guide (JSIG)
- DoD 8570.1 IAM-Level III certification (e.g., CISSP) for 1 FTE
- Bachelor's degree in information systems management, computer science, electrical engineering, or computer engineering.
- Waiver of individual experience/qualification requirements will be addressed on a case-by-case basis.
Security Clearance: Top Secret/Sensitive Comp Info