The Information Systems Security Officer (ISSO) is responsible for ensuring the operational security of the classified and unclassified information systems for the IDA Research Centers located in Princeton, NJ and San Diego, CA. The ISSO will maintain the System Security Plans (SSP) and related documentation, verify that systems are operated securely, conduct periodic reviews, and report security incidents.
This position can primarily work from the Princeton, NJ office or the San Diego, CA office. The position does require regular travel between the two offices. Position responsibilities and job performance will be evaluated jointly by the Division Directors of the two offices.
ISSO for classified and unclassified IS in two separate research labs.
Maintains on-line SSPs and supporting documentation in accordance with Department of Defense and NIST guidelines.
Provides direct oversite for acquisition security vetting programs for IS procurements to include; Acquisition Security (ACQSEC), Baseline Exception Request (BER), and Procurement Authorization Request (PAR).
Coordinates penetration tests and external evaluations.
Verifies that audit logs are periodically reviewed to ensure proper procedures are being followed.
Verifies that firewalls, perimeter defenses and intrusion detection systems are periodically audited to ensure they are configured and working properly.
Verifies that backup and disaster recovery systems are periodically inspected and tested.
Verifies proper marking, control, and removal of classified system hardware and media.
Implements information systems security training and awareness programs for users.
Monitors site compliance with information systems security requirements and programs developed by the sponsoring agency.
Verifies that Personally Identifiable Information (PII) and related data on IS is protected appropriately.
Verifies that CCR systems comply with IDA corporate IT policy.
Keeps management aware of system security issues.
Stays aware of relevant security policy and technology, and recommends appropriate policies and system changes.
Performs other duties as required.
Bachelor's Degree in an information technology area, or demonstrated equivalent experience (i.e., at least 5 years of specifically related background, in addition to the experience requirements below).
Three or more years’ experience as an ISSO or similar role is preferred, including experience with formal system certification and accreditation. Government or military equivalent would be IAT Level II or IAM Level I.
At least one of the following Information Assurance certifications: CAP (ISC2), GSLC, Security+CE, GSEC, SSCP, or sufficient background to obtain certification within 6 months of employment. Higher-level certifications such as CISM or CISSP are strongly desired and may be required for future advancement.
Willingness to travel and spend significant time at both sites, especially at start of employment.
Familiarity with Linux and Microsoft Windows Server operating systems, and TCP/IP networking.
Familiarity with vulnerability scanning and assessment tools.
Exceptional communications skills, both orally and in writing, and good interpersonal skills.
U.S. citizenship with the ability to obtain and maintain a Top Secret and other security clearances.
IDA (Institute for Defense Analyses) – a not-for-profit corporation headquartered in Alexandria, Virginia just outside Washington, DC – operates three Federally Funded Research and Development Centers (FFRDCs) in the public interest: the Systems and Analyses Center, the Science and Technology Policy Institute, and the Center for Communications and Computing.
Sponsors rely on IDA for dispassio...nate, fact-based, and scientifically rigorous research and advice to inform their decisions. Since 1956, IDA’s basic mission has remained unchanged – bring the best scientific, technical, and analytic talent to bear on issues critical to U.S. National security, in a research environment free of commercial or shareholder interests where objectivity and the public interest are foremost.
The work produced by IDA’s FFRDCs is characterized by unquestioned objectivity and high quality. Because of our unique relationship with our Government sponsors, IDA enjoys unusual access to highly classified and sensitive government and corporate proprietary information. We adhere to a strict regime for avoiding conflicts of interest. We are thus in the position of offering outsider perspectives on important issues with insider access to information.
Our diverse mix of professionals possesses expertise in a broad range of technologies and systems combined with deep knowledge of costs, policies, operations, and organizational matters. IDA continually renews and evolves its staff, integrating those newly educated in the latest advances in research with seasoned veterans of acquisition management, policy-making, and operational leadership roles in government and defense-related organizations. The exceptional creativity, determination, and commitment to service that IDA researchers bring to their work are the foundation of IDA’s excellence.