Overview
We are seeking an ISSO II, for a long-term contracting opportunity in Maryland. The ISSO II will be
responsible for providing support for a program, organization, system, or enclave’s information
assurance program.

Responsibilities
The ISSO II will provide support for proposing, coordinating, implementing, and enforcing information
systems security policies, standards, and methodologies; maintain operational security posture for an
information system or program to ensure information systems security policies, standards, and
procedures are established and followed; assist with the management of security aspects of the
information system and perform day-to-day security operations of the system. The ISSO II will
evaluate security solutions to ensure they meet security requirements for processing classified
information, and perform vulnerability / risk assessment analysis to support certification and
accreditation; provide configuration management (CM) for information system security software,
hardware, and firmware; manage changes to System Security Plans (SSPs), Risk Assessment Reports,
Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices
(SRTMs). In addition, the ISSO II will support security authorization activities in compliance with
NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information
Assurance Certification and Accreditation Process (DIACAP).

Qualifications
The ISSO II must have ten (10) years of experience as an ISSO on programs and contracts of similar
scope, type, and complexity. Experience is to include at least two (2) of the following areas:
knowledge of current security tools, hardware/software security implementation; communication
protocols; and encryption techniques/tools. A Bachelor’s degree in Computer Science or related
discipline from an accredited college or university is required. Four (4) years of additional experience
as an ISSO may be substituted for a Bachelor’s degree. Active TS/CSI/CI Poly also required.