Solutions By Design II, LLC (SBD) is seeking an Information System Security Officer (ISSO) to join our team in support of our Federal Defense customer in Aurora, CO. The individual(s) in this role will be joining a team that is responsible for maintaining, operating, and providing engineering and technical support to an Oracle Federal Financials (OFF) based e-Commerce system. The team is responsible for administration and maintenance of the existing custom software; administration and upgrade of the existing Commercial-Off-The-Shelf (COTS) software and tools; maintenance of the existing COTS extensions and COTS configurations; corrective software maintenance of custom software, COTS extensions and COTS configurations, including all efforts to diagnose and correct application processing or performance errors; coordination for and troubleshooting of web-based applications executing on remote, Defense Information Systems Agency (DISA) computing platforms and network infrastructure; and support of DISA upgrades of Operating System and Network infrastructure.
- Shall serve as the Information System Security Officer (ISSO), provide weekly updates to the Information System Security Manager (ISSM), and assist the ISSM with security implementation, compliance, and reporting.
- Determines enterprise information assurance and security standards.
- Develops and implements information assurance/security standards and procedures.
- Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers’ requirements.
- Identifies, reports, and resolves security violations.
- Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Supports customers at the highest levels in the development and implementation of doctrine and policies.
- Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
- Performs analysis, design, and development of security features for system architectures.
- Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
- Designs, develops, engineers, and implements solutions that meet security requirements.
- Provides integration and implementation of the computer system security solution.
- Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
- Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Ensures that all information systems are functional and secure.
- The ISSO shall have a college degree, a minimum of 10 years of experience to include IA experience with a program of the size and complexity of the contract.
- The ISSO shall have at least five years’ experience in planning, documenting, and resolving security and information assurance issues on a college degree, a minimum of 10 years of experience to include IA experience technical program of the size and complexity of the contract;
- The ISSO shall have experience leading the overall role of relevant System Engineering and Integration efforts on a technical program of the size and complexity of the contract and possess a CISSP, Security+ certification helpful.
- For each individual, a bachelor’s degree from an accredited university in an IA related field (e.g., computer science, engineering, management, accounting, finance). 15 years of experience may substitute a bachelor’s degree.
- IA personnel shall have a minimum of 5 years of experience to include experience with applications, databases, and projects of the size and scope of the contract.
- Security DBA skills with a minimum of 5 years of experience with database IA (specifically Oracle) to include the application of DoD Security Technical Implementation Guides (STIGs)/ RMF CCIs and the completion of IA checklists (e.g., DoD 8500.2).
- Application security skills with a minimum of 3 years of experience with application IA to include the application of STIGs and the completion of IA checklists. Specific experience should include WebLogic, JAVA, IIS, Apache, at a minimum.
- A Minimum of 1 year of experience with communications security to include familiarity with communications software products (e.g., government-provided Connect:Direct®, Secure File Transfer Protocol [SFTP]), the application of STIGs, and the completion of IA checklists [e.g., DoD 8500.2]).
- Additional requirements for IA Personnel shall include experience in Information Assurance (IA) requirements analysis; RMF; experience with Virtual Machines (VMs) in an Enterprise level environment; experience in STIG/IAVA implementation and DoD 8500.2 IA Check list; and experience with assimilating systems.
- IA certifications (e.g., CISSP, CISA, CISM) to support the consolidated IA workforce requirements.
- Must be a US Citizen possessing or able to obtain Privileged (IT-1) clearance, with either a Single Scope Background Investigation (SSBI) or pending SSBI with Interim IT-1 National Agency Check (NAC portion of the SSBI completed).
Solutions By Design II, LLC (SBD) is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at SBD will be based on merit, qualifications, and abilities. SBD does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, IWDs, Veteran Status or any other characteristic protected by law (referred to as "protected status").