• Information Systems Security Officer

    Job Location US-MD-Annapolis Junction
  • Overview

    ASRC Federal - Vistronix is a national security solutions provider specializing in transforming big and complex data sets into mission critical intelligence.  Ingesting, processing, and exploiting Big Data is at the core of everything we do: Cyber & SIGINT Operations, C4ISR & Multi-INT Processing, and Enterprise & Open Source Analysis.  As a national security middleweight, we have a passion for our customers' mission and value ingenuity, agility, speed, and the ability to think and deliver at scale.  For more information, visit www.vistronix.com.


    ASRC Federal - Vistronix is currently seeking an experienced Information Systems Security Officer for a role on one of our subcontracts.  This full time position affords the successful candidate the opportunity to work in an engaging, high-tech development environment, working with an excellent team and customer base. 


    The Information System Security Officer I provides support for a program, organization, system, or enclave’s information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assists with the management of security aspects of the information system and performs day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system security software, hardware, and firmware. Manages changes to system and assesses the security impact of those changes. Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment & Authorization (A&A) packages, and System Controls Traceability Matrices (SCTMs). Supports security authorization activities in compliance with the NIST Risk Management Framework (RMF) and any DoD and IC tailored requirements.   


    Labor Category Requirements:

    • Five (5) years of experience as an ISSO on programs and contracts of similar scope, type, and complexity are required.
    • Experience is to include at least one (1) of the following areas: knowledge of current security tools and hardware/software security implementation; communication protocols; encryption techniques/tools.
    • Bachelor’s degree in Computer Science or related discipline from an accredited college or university is required. Four (4) years of additional experience as an ISSO may be substituted for a Bachelor’s degree.

    Labor Category Capabilities Include:

    • Evaluate security solutions to ensure they meet security requirements for processing classified information;
    • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies;
    • Maintain operational security posture for an information system or program;
    • Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave;
    • Develop and update the system security plan and other IA documentation;
    • Provide configuration management for security-relevant information system software, hardware, and firmware;
    • Assist with the management of security aspects of the information system and perform day-to-day security operations of the system;
    • Develop system security policy and ensure compliance;
    • Administer the user identification and authentication mechanism of the Information System (IS).

    Job Specific Key Tasks Include:

    • Plan and coordinate the IT security programs and policies

    • Manage and control changes to the system and assessing the security impact of those changes

    • Obtain A&A for ISs under their purview
    • Provide support for a program, organization, system, or enclave’s IA program
    • Serve as the Approval Authority to validate or approve user authorization for accounts associated with systems under their control
    • Understand the authorization boundary of systems
    • Collaboration with System and Network administrators to understand and document data flow and architecture diagrams
    • Knowledge of security controls, the assessment and applicability to systems
    • Maintain operational baseline of systems under their purview
    • Provide ongoing Continuous Monitoring to assigned systems
    • Provide and validate the operational security posture of systems and ensure they are maintained
    • Ability to initiate the reauthorization process of a system that needs reaccreditation
    • Ability to decommission a system when it is no longer required
    • Manage risks while assigned system is in operation
    • Ability to understand the POA&M process as well as track and closeout any outstanding liens
    • Ability to acknowledge and respond to IAVAs and create liens as necessary
    • Perform, coordinate and document security relevant changes
    • Perform vulnerability assessments to ensure updates and system baseline are enforced
    • Recognize a possible security violation and take appropriate action to report the incident
    • Manage protective or corrective measure when an IA incident or vulnerability is discovered
    • Provide security and awareness oversight and/or training as required
    • Review of audit reduction tools to monitor and review systems for compliance with IA policy
    • Excellent written and verbal communication skills
    • Excellent leadership and teamwork skills
    • Results oriented, high energy, self-motivated

    Job Specific Qualifications:

    • Any of the following or higher certifications: A+ with Continuing Education, Cisco Certified Network Associate-Security (CCNA-Security), Network+ Continuing Education,  System Security Certified Practitioner (SSCP).

    This position requires an active Security Clearance.


    Positions require a Top Secret security clearance, based on current background investigation (SBI), as well as the favorable completion of polygraph.  Clearance and polygraph processing will be completed by the U.S. Government.


    ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers.  All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.




    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed