Nov 28, 2022

Information Systems Security Officer - Entry to Senior (Maryland)

  • National Security Agency
  • Fort Meade, MD, USA

Job Description

Do you want to be at the forefront of strengthening our National Cybersecurity posture? Do you want to do work you can't do anywhere else? Do you want to help chart the course for NSA's innovative Cybersecurity and help prevent future cyber-attacks against the United States? If so, NSA is the place for you! Information System Security Officers perform a broad spectrum of duties and may: - perform audits, inspections, and investigations in accordance with government regulations and make appropriate recommendations for improvement - provide technical support to the security certification and accreditation process - work collaboratively with stakeholders on the risk assessment process - coordinate hardware/software/firmware modifications within the Risk Management Framework - assess the effectiveness of security solutions against present and projected threats

Information System Security Officers are responsible for ensuring the appropriate operational security posture is maintained for an information system (IS). ISSO responsibilities support the monitoring of NSA/CSS networks to detect and correct areas of security non-compliance, unmitigated vulnerabilities, and other risks in order to prevent insider threats and adversary activity. ISSOs follow consistent security processes and play a critical role in the Information Systems Continuous Monitoring (ISCM) Program to support the agency's need to continuously operate its information assets within an acceptable security posture and coordinate a proactive response as the threat environment changes.

The qualifications listed are the minimum acceptable to be considered for the position. This position has a Cyberspace Workforce Improvement Program (CWIP) requirement. Candidates accepted to fill this position will be required to obtain a DoD 8570.01-M approved certification within six (6) months of assignment. Interested parties currently pursuing certification are also encouraged to apply. Additional requirements may be placed against the selectee, based on requirements defined within DoD 8140.01 and DoD 8570.01-M 'Information Assurance Workforce Improvement Program." Degree in Information Assurance, Information Security, Information Systems, Information Technology, Computer Networking, Information Science, Cyber Security, or related field. Experience must be in one or more of the following areas: information systems design, development, programming, information/computer/cyber/network security, vulnerability analysis, system auditing, penetration testing, computer forensics, computer systems research, reverse engineering, systems engineering, or network and system administration. Relevant experience may also include experience with Risk Management Framework (RMF), Information Systems Security technologies, or IT policies. ENTRY/DEVELOPMENTAL Entry is with a Bachelor's degree and no experience. A high school diploma or GED plus 4 years of relevant experience; or an Associate's degree or 18 semester hours of military coursework/training in a computer-related field plus 2 years of relevant experience may be considered. FULL PERFORMANCE Entry is with a Bachelor's degree plus 3 years of relevant experience, or a Master's degree plus 1 year of relevant experience or a Doctoral degree and no experience. A high school diploma or GED plus 7 years of relevant experience, or an Associate's degree or 18 semester hours of military coursework/training in a computer-related field plus 5 years of relevant experience may be considered. SENIOR Entry is with a Bachelor's degree plus 6 years of relevant experience, or a Master's degree plus 4 year of relevant experience or a Doctoral degree plus 2 years of relevant experience. A high school diploma or GED plus 10 years of relevant experience, or an Associate's degree or 18 semester hours of military coursework/training in a computer-related field plus 8 years of relevant experience may be considered.

The optimal candidate is someone with strong organizational, analytical, communication, and interpersonal skills. Specialized skills may include preventing, assessing, and/or mitigating threats to information systems and infrastructures and the information contained in or transmitted by these systems. This may encompass: - threat and vulnerability analysis - risk mitigation - certification and accreditation - Risk Management Framework Skills applying standards, policies, procedures and requirements for ensuring information security are also beneficial. Industry certifications such as CISSP, CAP, Security+ or MSIS are helpful. If you want to utilize your ISSO expertise to help NSA strengthen the National Cybersecurity posture; you need to talk to us!

Salary offers are based on candidates' education level and years of experience relevant to the position and also taking into account information provided by the hiring manager/organization regarding the work level for the position. This position is hiring for Maryland. Salary ranges vary by location and work level. Salary Range: $50,643 - $164,102 (Entry/Developmental, Full Performance, Senior) On-the job training. Internal NSA courses, and external training will be made available based on the need and experience of the selectee. Typical work schedule is Monday - Friday, with basic 8hr/day work requirements between 0600 and 1800 (flexible).