Overview:
SR. INFORMATION SYSTEM SECURITY OFFER (HITS-R):
Bowhead seeks a Sr. Information System Security Officer to support the High Performance Computing Modernization Program (HPCMP) Integrated Technical Services -Restricted (HITS-R) contract located in Fort Belvoir, VA. Bowhead will provide the High Performance Computing Modernization Program (HPCMP) with technical and professional support elements required for the operation of the HPCMP Office (HPCMPO) in all phases of planning and execution of its mission, including: technical and administrative support in all areas of program activity, program management support, meeting facilities and office environment, to include a complete telecommunications and computer systems capability and full logistical services.
Responsibilities:
- Assist the ISSMs in meeting their duties and responsibilities.
- Implement and enforce all DoD IS cybersecurity policies and procedures, as defined by cybersecurity-related documentation to include the Risk Management Framework (RMF) and applicable overlays.
- Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS systems under their purview before being granted access to those systems and according to the agreed upon Service Level Agreements (SLA).
- In coordination with the respective ISSMs, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO.
- Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals.
- Develop procedures to ensure system users are aware of their CS responsibilities before granting access to DoD information Systems. Process and review DD-2875s.
- Support Risk Management Framework (RMF) system categorization process and memorandum for Confidentiality, Integrity, and Availability impact level determinations
- Ensure that CS requirements are integrated into the Continuity of Operations Plan (COOP) for that system or DoD Component.
- Ensure that CS security requirements are appropriately identified in computer environment operation procedures.
- Develop security requirements and maintain list of hardware, software, and services acquisitions specific to CS security programs.
- Ensure that IA and IA enabled software, hardware, and firmware comply with appropriate security configuration guidelines, policies, and procedures.
- Create and review System Security Plans (SSP), as required
- Prepare for Assess and Authorize (A&A) and Security Control Assessor (SCA) validations and/or inspections and ensure that CS inspections, tests, and reviews are coordinated.
- Prepare and maintain documents and artifacts for the Assess and Authorize (A&A), Authority to Connect (ATC), Assess Only (AO), Interim Authority to Test (IATT) and Security Control Assessor-Validator (SCA-V) inspections and ensure that CS inspections, tests, and reviews are implemented.
- Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in HPCMP program documents.
- Advise the Authorizing Official/Authorizing Official Designated Representative and Security Control Assessor (SCA) of any changes affecting the enclave's CS risk level and security posture.
- Ensure IAT Levels I - III, IAM Levels I and II, and anyone with privileged access performing IA functions receive the necessary initial and sustaining CS training and certification(s) to carry out their CS duties. Ensure that the Program's supported users receive initial and annual CS Awareness training by verifying completion in ATCTS.
- Analyze identified security strategies and recommend the best approach or practice for the enclave.
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Monitor and evaluate the effectiveness of the enclaves' CS security procedures and safeguards to ensure they provide the intended level of protection.
- Ensure that implementation and verification of compliance with the command's or organization's SOP address the reporting of security violations and incidents to the servicing Cybersecurity Service Provider (CSSP).
- Evaluate and approve development efforts follow the Interim Authority to Test (IATT) and/or the Assess Only process to ensure that baseline security safeguards are appropriately installed and mitigated.
Qualifications:
-
BA/S in Computer Science, Information Systems, Engineering, Business, or other related field is required. A combination of experience and education may be accepted in lieu of degree.
-
Four years (4+) of relevant technical experience is required.
-
Intermediate-to-advanced level skills in Microsoft Office software suite Word, Excel, Outlook, and PowerPoint.
-
Ability to communicate effectively with all levels of employees and outside contacts.
-
Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.
Physical Demands:
- Must be able to lift up to 25 pounds
- Must be able to stand and walk for prolonged amounts of time
- Must be able to twist, bend, and squat periodically
SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret level, may be required to obtain a Top Secret/SCI clearance upon hire. US Citizenship is a requirement for Top Secret clearance at this location.
#LI-KC1