ISSO Position Description
Clearance Required: TS//SCI with Polygraph
Key Role: As a member of an IT Project & Support Team, plans, coordinates and executes projects to deploy IT capabilities to traditional and cloud environments. Provides the hands-on expertise to stand up, network, secure and administer systems and shared services in Linux and Windows standalone and networked environments. Advises other project teams regarding the security aspects of conducting research and development in cloud environments.
Executes the ODNI Assessment and Authorization (A&A) process for all IARPA IT systems. Drafts IARPA security policies and procedures. Maintains IARPA’s custom laptop build. Maintains all of IARPA’s Approvals to Operate (ATOs) and security waivers. Participates as directed in Information System Security Officer (ISSO) meetings and activities at LX.
- Bachelor’s degree in computer science (or 4 equivalent years of experience) plus 4 years of IC IT experience
- DoD 8570.01-Manual IAT Level II or higher certifications
- Demonstrated experience with IC information technology (Both Linux and Windows), and security processes (Configuration Management (CM) Continuous Monitoring (ConMon), and Assessment & Authorization (A&A).
- Demonstrated understanding of the Risk Management Framework (RMF), ICD 503 requirements, and NIST SP 800-53 Security Controls.
- Proficiency in Microsoft Office applications (Word, PowerPoint, Excel)
- Experience with STIG/CIS configuration compliance
- Basic Windows administration (active directory, access control, patching, auditing)
- Basic Linux administration (user management, access control, patching, auditing)
- Ability to multi-task and demonstrated self-starter
- Demonstrated time management skills
- Experience with Telos tools (Xacta & Continuum)
- Experience with Nessus, SCAP, and MBSA scanning tools
- Basic PowerShell understanding and scripting
- Basic Office 365 administration
- Experience with Amazon Cloud Services management
- Experience with Splunk auditing
- Experience composing security policies and procedures; and System Security Plans (SSPs)
- Familiarity with ODNI 94 series instructions
- Ability to document standard operating procedures for IA practices