Information Systems Security Officer Job Description Template
Our company is looking for an Information Systems Security Officer to join our team.
Responsibilities:
- Conduct thorough reviews of all vulnerabilities, architecture, and defense-in-depth strategies and report findings in the POA&M document;
- Promote an environment of continuous process improvement, learning and team collaboration;
- Maintain cybersecurity policy and processes as assigned;
- Manage and track systems or programs involved in the A&A process;
- Conduct IV&V assessments and analyze test results for accuracy, compliance, and adherence to Federal cybersecurity requirements;
- Conduct cybersecurity analysis in preparation for A&A review and validation of all associated cybersecurity documentation and technical controls;
- Document, organize and implement security control requirements;
- Conduct both technical and non-technical internal audits and testing to validate system and operational requirements compliance;
- Use workflows to develop security artifacts;
- Prepare vulnerability test plans and coordinate the testing and result procedures;
- Active TS/SCI clearance required;
- Prioritize tasks;
- Excellent interpersonal skills, including the ability to work on multi-functional teams;
- Bachelor’s degree in IT or equivalent experience required;
- Conduct research and analysis.
Requirements:
- Develop or revise system-specific security safeguards and local operating procedures that are based on relevant guidelines and regulations;
- Must possess an interim Secret Clearance;
- ISC2 Certified Cloud Security Professional certification (CCSP);
- Manage and control changes to the system and assess the security impact of those changes;
- One or more of the following certifications preferred (Security+, CAP, CISSP, CISM, GSEC, GCIH, or GSLC);
- Ensure that information system security policies, standards, and procedures are established and followed;
- Evaluate security solutions to ensure they meet security requirements for processing classified information;
- A bachelor’s or advanced degree in Computer Science, Information Assurance, or other cyber discipline is preferred;
- Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information;
- Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades;
- Develop system security policy and ensure compliance;
- Plan and coordinate the IT security programs and policies;
- Provide CM for security-relevant information system software, hardware, and firmware;
- Assist with preparation and maintenance of documentation;
- Perform day-to-day security operations for the system. Perform vulnerability and risk assessments to support certification and accreditation.