SAIC is seeking a senior Lead Information Systems Security Officer (ISSO)/Program Security Officer (PSO) to provide Launch Security Operations Support (LSOS) for multiple programs/customers within the National Reconnaissance Office (NRO), Office of Space Launce (OSL) directorate located at NRO headquarters (Westfields), Chantilly VA. This senior level position will serve as the primary day-to-day security operations and information systems security support to the OSL staff under the Consolidated Launch SETA Integration Contract (CLSIC), responsible for management/oversight for all matters of Program Security and Information Systems Security for programs/assets under the OSL purview/ownership. This position provides oversight, guidance, and technical support, on IT and information system security issues affecting the mission of OSL by providing program security support, and implementing common information system security practices, policies and technologies as well as program security support. Subject will interface with multiple government agencies within both the DoD and IC. Additionally, candidate requires an understanding of Contractor Program Security functions, responsibilities, and disciplines that make up a strong Security Program.
Key duties and/or responsibilities:
- Interface with all NRO headquarters elements regarding OSL Security matters, including but not limited to, SV SPOs, NRO Security (F&ISD, PSD, T&ED, etc)
- Information Security interface to OSL customer Designated Accrediting Authorities (DAO), System Certification Officer (SCO), and to the NRO Office of Security (OS&CI), Enterprise Management Operations Center (EMOC), and Chief Information Security Officer (CISO), for all IT Security, Information assurance (IA), and Cyber Network Defense
- Works directly with Space vehicle (SV) Security Program Office’s (SPOs) on relevant integration/launch related activities, policy development/changes, and associated integration matters Coordinates/implements/maintains operational security posture for all assigned information systems
- Manage a comprehensive OSL information assurance compliance program, tracking OSL IT assets and their accreditation posture. Perform vulnerability/risk assessment analysis to support certification and accreditation of systems and facilities.
- Investigate security incidents and violations; prepare reports of investigations for the corporation and customers, making specific recommendations for corrective and preventive actions
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Authorization and Accreditation (A&A) packages, and Security Controls Traceability Matrices (SCTMs)
- Conduct periodic reviews and evaluations of required IS policies and procedures.
- Coordinate IS Security Inspections, tests, and reviews
- Manage, maintain, and execute the IS Continuous Monitoring Plan
- Completes/reviews documentation and requirements in accordance with the NRO’s implementation of ICD 503 and the Risk Management Framework (RMF) process
- Serves as OSL representative on the NRO Computer Incident Response Team (CIRT)
- Attend/participate in OSL IT/IA working groups/boards
- Assist OSL sites with preparation, vulnerability/risk assessment analysis, review, and submission of RMF documentation to include, System Security Plans (SSPs), Risk Assessment Reports, A&A packages
TYPICAL EDUCATION AND EXPERIENCE: Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
- Minimum 10 years’ experience as PSO/ISSO/ISSM
- Bachelor’s degree or equivalent experience.
- Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Manager Level 2 (Certified Information Systems Security Professional (CISSP), CISM, or equivalent
- Knowledge and hands on experience with ICD 503 and Risk Management Framework (RMF) process
- Working knowledge of Service Now (SNOW) and XACTA
- Broad technical understanding of information technology systems, software, and networks
- Familiarity with Program Security responsibilities to include but not limited to: OPSEC, Program Protection, Personnel Security clearances, Security Training and Education, Classification management
- Manage and oversee system General and Privileged User program
- In depth knowledge of network and information system security principles and test practices
- Previous experience controlling, labeling, virus scanning, and appropriately transferring data (upload/download) between information systems at varying classification levels
- Build rapport with customer and contractors at all levels
- Familiarity with applicable IC and DoD policies, procedures and operating instructions related to IT, IA and IM.
- Ideal candidate will be self-motivated, organized, and detail oriented.
- Must have strong interpersonal skills/briefing skills; communicate with senior level leaders, internal and external personnel on significant matters often requiring coordination between organizations and independent decision making with minimal direct supervision while representing the security organization
- Hands on experience with ICD 503, NIST Special Publications, Intel Community Directives, DoD Issuances, etc.
- Candidate must be a self-driven and results-oriented individual capable of effectively working multiple tasks concurrently in a dynamic, fast-paced environment
- Must have the ability to articulate and present intelligent, decisive and risk-managed security recommendations and decisions on a daily basis
- Attention to detail and strong organizational skills
- Expertise in Microsoft Office suite (MSWord, Excel, Power Point)
- Ability to travel to support other locations
- Must have current TS//SCI (BI within last 7 years) clearance w/polygraph (be able to complete poly)
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.