Information System Security Officer (ISSO)
The Johns Hopkins University Applied Physics Laboratory (APL), a national leader in scientific research and development, is located midway between Baltimore and Washington, DC.
Serve as an Information System Security Officer (ISSO) supporting DoD and non-DoD classified networks and facilities in the Asymmetric Operations Sector.
Duties (Listed in order of importance with the estimated amount of time spent at each task):
- Information System (IS) Oversight (80%)
a. Apply Information System oversight and expertise for assigned IS's on the associated security policies and processes that are required by: the NISPOM, DSS Assessment and Authorization Process Manual, Government security plans, APL's Master System Security Plans (MSSPs), Network Security Plans (NSPs), and other APL security guidance, to ensure compliance while meeting program requirements. Evaluate system compliance by developing and executing IS audit and analyze tools, and reviewing audit logs for non-standard events. Perform visual and automated vulnerability assessments of Operating Systems through the use of accredited tools such as SCAP. Validate that technical setting deviations are approved for the IS or take actions to mitigate. Maintain close coordination with the program and project teams and provide timely feedback regarding issues or concerns. Work collaboratively with the program and project teams to minimize and resolve issues, ensure compliance, and meet requirements. (40%)
b. Assist the program and project teams by developing and maintaining System Security Plans (SSP), network and system diagrams, and other applicable Information System (IS) documentation necessary to maintain security compliance while meeting customer requirements. Contribute to overall program security by providing and tracking required user training; managing, validating, and tracking documentation with respect to User Accounts, Data Transfer Agents (DTA), and Trusted Downloads (TD), and coordinating closely with Program and Group Leadership. (20%)
c. Collaborate with QBO Systems Administrators and assist with technical configurations to ensure security compliance on multiple IS. ( 15%)
d. Other duties as assigned. ( 5%)
- Security Administration (20%)
a. Serve as the Facility Manager for multiple AOS closed areas. In the Facility Manager capacity, develop a strong understanding of the technical work and partner in facilitating the technical work while ensuring the highest degree of security compliance. Maintain a working knowledge of Laboratory security policies and government procedures and requirements to assist the AOS engineers and scientists in securing classified systems and facilities (ODAA, DAAPM, RMF). (10%)
b. Assist in the development and implementation of training or other mitigations needed to limit the occurrence of information systems or facility security incidents and assist in the timely identification, investigation and mitigation of any incidents that do occur. Participate in the preparations for, and assist with, internally and externally led security inspections. Take timely and appropriate actions to correct, document, and inform the IS and facility users, in response to any issues or findings. (10%)
Note: This job summary and listing of duties is for the purpose of describing the position and its essential functions at time of hire and may change over time.
One or more years' experience as a classified systems administrator or ISSO/AISSO for multiple security plans to include current working knowledge and multi-platform computing. BS degree in Computer Science, Management Information Systems, Computer Information Systems, Information Assurance, or comparable field. A combination of education and experience may be substituted for degree. Demonstrated ability to communicate security policy, procedure, and awareness among IS and closed area user community. Strong organizational and multi-tasking skills, ability to work in a team environment or independently. Strong interpersonal, reporting, and documentation skills are essential. Ability to obtain within 6 months of hire and maintain a security certification in accordance with DoD 8570.01-M. Examples of qualifying certifications include Security , CISSP, CASP, or similar. Active SECRET clearance or higher.
Experience with Risk Management Framework and STIG deployment and analysis. Experience with Splunk or other log reduction tools and/or WSUS or other patch deployment tools.Certifications: Security , CISSP, CASP, or similar.
Special Working Conditions: Working in Closed Areas.
Security: A secret clearance or higher is required. Applicant selected will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.
Benefits: APL offers a comprehensive benefits package including a liberal vacation plan, a matching retirement program, significant educational assistance, a scholarship tuition program for staff with dependents, and competitive salaries commensurate with skills and experience. For more information about our organization, please visit our web site at www.jhuapl.edu.
Equal Employment Opportunity: Johns Hopkins University/Applied Physics Laboratory (APL) is an Equal Opportunity/Affirmative Action employer that complies with Title IX of the Education Amendments Acts of 1972, as well as other applicable laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Meet Some of Johns Hopkins Applied Physics Laboratory's Employees
Gianni works on the design, modeling, and simulation of low- to high-fidelity radar projects for the lab. He also conducts tests to evaluate new technologies.
Back to top