Information System Security Analyst (ISSO)

Information systems security officers (ISSO) research, develop, implement, test and review TSA’s information security in order to protect information and prevent unauthorized access. ISSO will inform users about security measures, explain potential threats, install software, implement security measures and monitor networks. The ISSO will plan, implement, upgrade, and monitor security measures for the protection of computer networks and information. They may also ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. ISSO will respond to computer security breaches and viruses.

• Security Categorization
• Information System Descriptions and Registrations
• Common Security Control ID and Selection
• Monitoring Strategy
• Security Plan and Security Plan Approval Recommendations
• Implement Security Controls; Documentation, Monitoring
• Compliance and Authorization Services; FISMA Inventory and CPIC
• Business Impact Analysis, Contingency Plan, Contingency Plan Test Results
• Interconnection Security Agreements (ISA)
• Decommissioning and Disposal
• Develop System Level Incident Response (IR) Procedures
• Ensure that management, operational, and technical controls for securing either National Security Systems or SBU level Information Systems are in place and are followed. This includes ensuring that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle. Conduct Security Authorization (SA) activities in accordance with NIST 800.37 standards. All S&A deliverables must meet the metrics in the DHS Information Security Performance Plan. 
• Report IT Security events/incidents in the time prescribed by DHS 4300 Sensitive Systems Policy Directive depending on the severity of the incident.
• Respond to Information Security Vulnerability Management (ISVM) notifications and ensure all systems under their purview are in compliance with the ISVM by the date prescribed by DHS.

• Must have at least 7 years of technical IT security and 5 years Program Management experience with a concentration in support for the US Government OR a relevant Master's Degree and experience, with a concentration in support for the US Government. Such experience can come from system or network administration, security analysis, security testing and evaluation, security incident response, security monitoring, IT project implementation, or other similar technical activities.
• At least one Security certification (CISSP preferred, CEH, CISM etc.)
• Experience with performing NIST RMF activities with specialized expertise in at least one of the following types of systems: database, enterprise, Unix/Linux, financial or cloud environment (e.g. IaaS, PaaS, SaaS)
• Strong technical background, and understanding of ports, protocols, secure application development, networking (e.g., Cisco 5500 Series Adaptive Security Appliances and Cisco Network Switches)
• Demonstrated experience developing complex Security Plans IAW NIST guidance
• Exceptional customer service, overall communication, and technical writing skills
• Extensive experience conducting and analyzing vulnerability assessments of networked and stand-alone information systems to the extent of conclusively validating all technical controls as defined by NIST
• Ability to translate between business focused and technical focused stakeholders at all levels
• Superior problem solving and troubleshooting skills at the System Engineer level
• Strong skills in critical thinking and analysis, both on a strategic and operational level, structured working style with the ability to plan and organize.

General Requirements:

• Must have Certified System Engineer ICAM PACS (CSEIP) certificate
• Extensive experience with government technical publications and implementation (HSPD- 12, FISMA, FIPS-12, DISA, FICAM)
• Extensive experience with Cyber Security Assessment and Management (CSAM), RSA Archer GRC and Doc Tracker
• Extensive experience with RedHat Enterprise and Suse Linux Enterprise server
• Extensive experience with SQL server
• Extensive experience with the following systems: Windows Server 2012, 2016 and newer file and application servers
• Extensive experience with the following systems: Windows 7, 10 and newer
• Must have knowledge and experience with servers, enterprise storage arrays including SAN and NAS solutions
• Must have knowledge and experience with Microsoft Cluster technology
• Must have knowledge and experience with virtualization technology including VM Ware or Microsoft HyperV Virtualization
• Must have knowledge and experience with Microsoft Windows Active Directory
• Extensive experience with Microsoft Windows Server Update Services, Microsoft System Center Configuration Manager, Nessus Professional by Tenable and McAfee ePO
• Extensive experience with Group Policy, Networking IP/DHCP, Exchange, DNS, IIS. (Architecture, design, disaster recovery and troubleshooting.)
• Must have Certification for American Dynamics CCTV Systems, Video Edge NVR and Victor Enterprise
• Must have Certification for Identiv Velocity
• Must have Certification for Software House C-CURE 9000
• Extensive experience with Stratus everRun
• Extensive experience with Innometriks ID server
• Extensive experience with OCSP, PKI and Smartcard ID badges and reader technology
• Must have knowledge and experience with HID ActivID Desktop Validation Client
• Must have knowledge and experience with Corestreet Validation Client
• Must have knowledge and experience with CA Privileged Access Manager
• Must have knowledge and experience with Bomgar BeyondTrust Representative Console
• Must have knowledge and experience with Traka Touch Key Cabinets and Traka Touch Locker Systems
• Must have knowledge with Certipath Trust Visitor and STOPware PassagePoint Professional Visitor Management Systems
• Must have knowledge and experience with Telaeris Xpress entry