Information System Security Officer (ISSO)

Work Where it Matters

Tuvli, an Akima company, is not just another federal IT contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska.

At Tuvli, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States.

For our shareholders, Tuvli provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years.

For our government customers, Tuvli ensures that solutions are strictly aligned with agency processes and desired program outcomes while delivering the best value for technology investments.

As a Tuvli employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.

Tuvli, (an Akima company) is looking for an Information System Security Office to work in Petaluma, California.  To join our team of outstanding professionals, apply today!

• Plans, develops, and analyzes security measures to protect critical information from counter-threats and possible attacks.
• Protects sensitive information by ensuring required software is functioning and being used correctly.
• Researches new methods to improve digital security and eliminate vulnerabilities.
• Monitors and reviews user access logs and provides user usage reports to management.
• Audits operations to ensure compliance with government regulations.
• Evaluates and recommends the installation, modification and replacement of hardware or software components. Performs work with a high degree of latitude. Handles the most complex issues. May act as a lead.
• Responsible for ensuring that the appropriate operational security posture is maintained for each assigned information system.
• The ISSO is responsible for the day-to-day implementation, oversight, and maintenance of the security configuration, practices, and procedures for each product under the ISSO's purview in accordance with USCG and federal policies and guidelines.
• ISSO duties and responsibilities fall into five main areas: security operations and management (including access control and other policy implementation), security planning/documentation (i.e. SSP, ATO, etc.), security monitoring and evaluation (including audit, assessment, and risk management), security awareness and training, and security incident reporting and response management (i.e., POA&Ms, etc.).

• Ability to obtain a Public Trust clearance is required for consideration.
• Bachelor’s or Master’s degree in Engineering, Computer Science, Information Systems, Cyber Security, or related discipline. Education substitution requires 10+ years’ experience supporting IT systems information and system security operations.
• 8+ years’ experience as an ISSO, information security, or cybersecurity role supporting unclassified and/or classified systems responsible for the cybersecurity of IT networks, systems, and applications.
• Experience implementing NIST and/or DoD cybersecurity policy and guidelines.
• Experience completing the Authority to Operate (ATO) process for Government systems.
• Experience using Enterprise Mission Assurance Support Service (eMASS), which is the DoD web-based system for cybersecurity management and system Accreditation.
• Experience reviewing vulnerability scans, planning risk mitigations, and coordinating/tracking the implementation of vulnerability solutions.
• Must possess and maintain at least one of the following certifications:
  • International Information Systems Security Certification Consortium (ISC²), Certified Information Systems Security Professional (CISSP), the Global Information Assurance Certification (GIAC) [SANS] Information Security Professional (GISP), or the Computing Technology Industry Association (CompTIA) Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 IAM Level III proficiency.