Principal Duties and Responsibilities (*Essential Functions):
- Develop and oversee operational information systems security implementation policy and guidelines for network security, based upon the Risk Management Framework (RMF).
- Provide technical and procedural IS Security advice to government and industrial teams.
- Advise customer on Risk Management Framework (RMF) assessment and authorization issues.
- Coordinate with PSO or cognizant security official on approval of External Information Systems (e.g. guest systems, interconnected system with another organization);
- Oversee ISSOs under their purview to ensure they follow established IS policies and procedures;
- Assume ISSO responsibilities in the absence of the ISSO; maintain required IA certifications;
- Ensure System Administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks;
- Ensure all ISSOs receive the necessary technical and security training (e.g., operating system, networking, security management) to carry out their duties;
- Ensure approved procedures are used for sanitizing and releasing system components and media;
- Maintain a repository of all security authorizations for IS under their purview;
- Coordinate IS security inspections, tests, and reviews;
- Ensure proper measures are taken when an IS incident or vulnerability is discovered;
- Ensure data ownership and responsibilities are established for each IS, and specific requirements (to include accountability, access and special handling requirements) are enforced;
- Ensure development and implementation of an effective IS security education, training, and awareness program;
- Ensure CM policies and procedures for authorizing the use of hardware/software on an IS are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the appropriate AO prior to the addition, change or modification;
- Serve as a voting member of the Configuration Control Board (CCB) and/or the Risk Executive Board, if applicable. The ISSM shall have authority to veto any proposed change they feel is detrimental to security. Appeals on an ISSM/ISSO veto may be taken to the AO. The ISSM may elect to delegate this responsibility to the ISSO;
- Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures;
- Manage, maintain, and execute the information security continuous monitoring plan;
- Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AO/DAO; and
- Assess changes to the system, its environment, and operational needs that could affect the security authorization.
- Develop concept of operations for new systems.
_At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here._
Required Skills
Required Experience
Preferred Qualifications
- CISSP or CISM certification.
- Experience with Army training simulations systems.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.