Information Security Specialists – Mid

Functional Responsibilities:

The ISS – Mid shall possess an active and transferable U.S. TOP-SECRET (with SSBI).The primary duty of this position will be to support the SITS position and IT staff in providing and administering to firewall protection; intrusion prevention and detection; log analysis and review; traffic analysis, user account management, and incident reporting for the project IT systems. Candidate shall be certified as an information systems security professional (CISSP) and possess a minimum of three (3) years’ experience directly supporting information systems security efforts.

General Experience:

• Activities Associated with Identifying Security Controls that are Provided by the Organization as Common Controls for Organizational Information Systems and Document the Controls into the SSP or equivalent Documents
• Activities Associated with Tailoring Security Controls as Needed
• Activities Associated with Developing a Strategy for Monitoring Security Controls Effectiveness and any Proposed or Actual Changes to the Information System
• Activities Associated with Implementing Security Controls
• Activities Associated with Documenting the Implemented Security Controls in the SSP with a Functional Description of the Control Implementation
• Activities Associated with Developing, Reviewing and Approving a Plan to Assess Security Controls
• Activities Associated with Assessing Security Controls in Accordance with the Assessment Procedures Defined in the SSP
• Activities Associated with Preparing the Security Assessment Reports Documenting the Issues, Findings and Recommendations
• Activities Associated with Submitting the Security Assessment Report to the System Owner
• Activities Associated with Monitoring Security Controls
• Activities Associated with Performing System Security Research, Analysis, and Design for New Systems
• Activities Associated with Verifying and Validating System Security Requirements and Analyzing System Security Designs 
• Activities Associated with Implementing Information Security Requirements
• Activities Associated with Performing System Security Research, Analysis, and Design
• Activities Associated with Assisting in the Development of Security Assessment Packages
• Activities Associated with Planning and Overseeing Systems Configuration Changes
• Activities Associated with Participating in Security Inspections, Tests and Reviews