$106,000–$107,000 Per Year
Access Authorization, Administrative Skills, Air Force, Computer Firmware, Computer Security, Computer Systems, Configuration Management, Documentation, Incident Response, Information Systems/Technology IS/IT Administration, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Maintain Compliance, Management of Information Systems/Technology (MIS), Military, Network Administration/Management, Network Security, Operating Systems, Operations Security (OPSEC), Reporting Skills, SAP, Security Analysis, Security Clearance, Security Compliance, Security Monitoring, Sensitive Compartmented Information (SCI), Status Reports, System Operations, Systems Administration/Management, Systems Analysis, Systems Hardware, Systems Maintenance, Top Secret Clearance
Location: Robins AFB, GA
Security Clearance: Active TS/SCI (Must be able to obtain a CI Poly)
Job Type: Full-Time
Target Salary Range*:$106,000 - $107,000
*This represents the potential salary range for this position depending on education level, years of experience and/or certifications in addition to other position specific requirements which may impact salary
Positive Overview
The Information System Security Officer II is responsible for ensuring the appropriate operational security posture is maintained for an information system. This role works in close collaboration with the Information System Security Manager and Information System Owner to manage the security aspects and day-to-day security operations of an information system, including physical and environmental protection, personnel security, incident handling, and security training and awareness. This position supports Special Access Programs for Department of Defense agencies, including HQ Air Force, the Office of the Secretary of Defense, and Military Compartments efforts, and provides day-to-day support for Collateral, Sensitive Compartmented Information, and Special Access Program activities.
Key Responsibilities
Information System Security Operations
- Assist the Information System Security Manager in meeting assigned duties and responsibilities.
- Perform ISSO duties in support of in-house and external customers.
- Monitor information systems and their operating environments in close coordination with the Information System Security Manager and Information System Owner.
- Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media.
- Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
Authorization and RMF Support
- Prepare, review, and update authorization packages.
- Develop and update authorization documentation.
- Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
- Ensure all information system security-related documentation is current and accessible to properly authorized individuals.
- Execute the cybersecurity portion of the self-inspection, including providing security coordination and review of all system assessment plans.
- Prepare reports on the status of security safeguards applied to computer systems.
Configuration Management and Security Impact Analysis
- Implement configuration management across authorization boundaries.
- Coordinate any changes or modifications to system hardware, software, or firmware with the Information System Security Manager and Authorizing Official or Designated Authorizing Official before the change.
- Conduct security impact analysis activities for all configuration management changes to authorization boundaries and provide results to the Information System Security Manager.
- Assess the security impact of changes and make recommendations to the Information System Security Manager.
- Notify the Information System Security Manager when changes occur that may affect the authorization determination of the information systems.
Audit, Vulnerability, and Training Support
- Ensure audit records are collected, reviewed, and documented, including any anomalies.
- Identify cybersecurity vulnerabilities and assist with implementation of countermeasures.
- Attend required technical and security training, such as operating system, networking, and security management training, relative to assigned duties.
Qualifications
Education
- Bachelor’s degree and 2 years of experience; or
- Associate degree and 4 years of experience; or
- 6 years of experience with no degree.
Experience
- 2–5 years of related experience, especially in developing RMF packages or bodies of evidence.
- Prior performance in roles such as System Administrator, Network Administrator, or Information System Security Officer.
- SAP experience.
Certifications
- IAT Level II or IAM Level II certification.