Information Systems Security Officer

Top Information Systems Security Officer Skills

Below we've compiled a list of the most important skills for an Information Systems Security Officer. We ranked the top skills based on the percentage of Information Systems Security Officer resumes they appeared on. For example, 6.4% of Information Systems Security Officer resumes contained Vulnerability Assessments as a skill. Let's find out what skills an Information Systems Security Officer actually needs in order to be successful in the workplace.

The six most common skills found on Information Systems Security Officer resumes in 2020. Read below to see the full list.

1. Vulnerability Assessments

high Demand
Here's how Vulnerability Assessments is used in Information Systems Security Officer jobs:
  • Conduct Information Assurance Vulnerability Assessments of TNCC TROJAN Data Networks after installation of security mechanisms as required.
  • Possess knowledge of risk assessments, vulnerability assessments, penetration testing and certification & accreditation of networks.
  • Conducted vulnerability assessments and mitigated weaknesses discovered during the Security Authorization and/or other periodic testing efforts.
  • Coordinate vulnerability assessments tests to determine system deficiencies, and design mitigation solutions.
  • Performed and analyzed results of vulnerability assessments and validated proposed system changes.
  • Developed and implemented procedures for system security audits, and vulnerability assessments.
  • Conducted risk analysis and vulnerability assessments to establish risk management procedures.
  • Perform vulnerability assessments IAW pertinent Department of Defense security policies.
  • Conduct technical vulnerability assessments and prioritize and track remediation efforts.
  • Perform vulnerability assessments in accordance with DoD security policies.
  • Prepared for and passed 3 DSS security vulnerability assessments.
  • Assisted in risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
  • Performed vulnerability assessments/auditing of network systems with the use of Internet Security Systems Scanner (ISS); fixed/repaired ailments.
  • Work directly with MDA to provide Vulnerability assessments, STIG benchmark scan results, HBSS configurations, and EMET configurations.
  • Conduct vulnerability assessments/penetration tests of information systems and complete a report after from all the findings from the system.
  • Utilized SMS, MBSA and ISS vulnerability scans to conduct periodic security audits and vulnerability assessments.
  • Harden systems and perform vulnerability assessments to ensure compliance with NISPOM directives.
  • Performed vulnerability assessments, followed by mitigation and/or remediation of open items identified by the vulnerability scanning tools (e.g.
  • Conducted risk and vulnerability assessments using vulnerability tools such as Retina and Nessus.
  • Conduct vulnerability assessments and security test and evaluations of DNDO ISs.

Show More

2. Assurance

high Demand
Here's how Assurance is used in Information Systems Security Officer jobs:
  • Coordinate, develop, and evaluate security programs for DHS/CBP and recommend information assurance/security solutions to support DHS/CBP requirements.
  • Work with the network security manager/information assurance personnel to set up network security policies and procedures.
  • Provided leadership to field Information Assurance Analysts that required proper interpretation of program guidelines.
  • Implemented Information Assurance policies and procedures to improve systems and network integrity.
  • Conducted quality assurance and security compliance audits of IT hardware installations.
  • Develop and establish Information Assurance policies and directives specific to location.
  • Meet day-to-day expectations and be responsible for the overall organization and information assurance requirements of all supported systems, e.g.
  • Provide input into the modification and updating of FBI Policy and Procedures for the Information Assurance process.
  • Provide training to federal and contract employees on subject areas that pertain to security and information assurance.
  • Perform Information Assurance Officer (IAO) duties in support of in-house and external customers.
  • Apply IT principles, methods, and practices in the specialty area of Information Assurance.
  • Perform routine and complex assignments in the area of Information Assurance.
  • Provided information security and Information Assurance (IA) support.
  • Managed nine commands information assurance as the ISSO.
  • Develop Information Assurance Standard Operating Procedures (IASOP) for program-wide Special Access Program Facilities (SAPFs).
  • Support RMF Migration/Annual Assessment using the Enterprise Mission Assurance Support Service (eMASS) application.
  • Support of the FBI's information Assurance (IA) policy infrastrucation and IA program.
  • Conduct program management reviews (PMR) with Leidos and Regional Information Assurance Manager.
  • Ensured DoD Information Assurance policies are uphold and understood by command personnel.
  • Provide Information Assurance training to command personnel.

Show More

3. Information System Security

high Demand
Here's how Information System Security is used in Information Systems Security Officer jobs:
  • Facilitated hands on training for new System Administrators regarding Unit and FISMA information system security standards and requirements.
  • Provided recommendations to the ISSM for developing plans to approach and resolve information system security solutions.
  • Perform systems audit trail reviews and investigate Information System security incidents and assist in mitigation.
  • Served at the unit-level Information System Security Officer and managed information on security policies.
  • Ensured that all information system security-related documentation was current and accessible to authorized individuals.
  • Acted as the Information System Security Officer providing oversight over Certification and Accreditation Activities.
  • Conducted annual and semi-annual training for Information System Security Officers.
  • Worked as a member of a team of Information System Security Officers to ensure NISPOM/DIACAP compliance of classified information systems theater-wide.
  • Develop documentation for the Certification and Accreditation process to support the HQ level Information System Security Manager (ISSM).
  • Serve as Information System Security Officer with assigned responsibility for IA matters within PM Mission Command.
  • Perform Information System Security Officer (ISSO) duties in support of in-house and external customers.
  • Reported IA incidents and vulnerabilities to the Information System Security Manager (ISSM).
  • Served as a member of the Information System Security Certification Team by:.
  • Assist the ISSM in reporting and mitigation of information system security incidents.
  • Conducted Information System security audits and pen testing of Coast Guard facilities.
  • Perform Information System Security Engineering (ISSE) tasks as assigned.
  • Achieve Certified Information System Security Professional (CISSP) status.
  • Acted as Information System Security Officer for 13 Divisions.
  • Trained and supervised twenty five information system security administrators to perform the security accreditation of the JWICS and SIPRnet.
  • Provided multi-faceted Information System Security protection for 219 mission systems and two secure facilities with over 15,000 personnel.

Show More

4. Isso

high Demand
Here's how Isso is used in Information Systems Security Officer jobs:
  • Managed a $1 million civilian contract; ISSO for 4 separate networks, 9K users, and 8K systems.
  • Present written findings of ISSO's on a weekly basis for 45 classified information systems and recommendations to FSO.
  • Reported to the Information Security Manager the technical proficiency of subordinate ISSO's for use in annual employee evaluations.
  • Served as ISSO for classified information systems in support of the Transportation Security Agency (TSA).
  • Served as an Information Systems Security Officer (ISSO) supporting the FBI, Accounting Services.
  • Lead ISSO in charge of specification, implementation, compliance and auditing of government security policies.
  • Served as Information System Security Officer (ISSO) for the 525th Military Intelligence Brigade.
  • Assigned as ISSO to Privacy Sensitive System and Sensitive but Unclassified (SBU) systems.
  • Acted as Information System Security Officer (ISSO) for three DHS enterprise systems.
  • Appointed Information Systems Security Officer (ISSO) for DISA GS25 DISN Video Services.
  • Provide IS Information Security System Officer (ISSO) Support to Classified computing environments.
  • Serve as an Information Assurance Officer (ISSO) for ten various programs.
  • Perform all ISSO duties and responsibilities when necessary.
  • Performed ISSO duties for several ICE systems.
  • Contract Information Security Officer (ISSO).
  • Performed ISSO duties for SAP program.
  • Served as ISSO and Lab Manager for the CTTO Lab of the MDNT.
  • Flow down Information to other ISSOs, and delegate work as needed.
  • Documented ISSO related troubleshooting procedures and remediation steps in Atlassian JIRA.
  • Serve as the ISSO Lead for Raytheon Huntsville.

Show More

5. Nist Security Policies

high Demand
Job type you want
Full Time
Part Time
Internship
Temporary

6. System Administrator

high Demand
Here's how System Administrator is used in Information Systems Security Officer jobs:
  • Work closely with system administrators, engineers, and management to accomplish security policy compliance in planning and operational phases.
  • Review System Security Plans and coordinate with System Administrators to harden servers for accreditation.
  • Provided findings to the system administrators for mitigation.
  • Coordinate with System Administrators to mitigate any liens that may be attached to an Approved to Operate SSP.
  • Serve as System administrator, to include server, Virtual environment, and encryption management.
  • Work with the System Administrator to maintain the system's security and accreditation status.
  • Lead person when working with System Administrator and Software Developers on troubleshooting issues.
  • Served as Application and System Administrator, performing daily user setup and maintenance.
  • Trained System Administrators to meet DoD STIG compliance by providing one-on-one instruction.
  • Team, Harris SLR management, & system administrators (SA).
  • Report to Lead System Administrator findings and recommended actions.
  • Worked cooperatively with system administrators to develop mitigations and compensating controls for system vulnerabilities noted during security scans and manual testing.
  • Assigned helpdesk tickets for computer updates and vulnerabilities to system administrators for processing.
  • Coordinate C&A and other IA-related efforts for assigned systems with IAOs, System Administrators, and other stake holders.
  • Worked with System Administrators in order to ensure adherence to compliance of Cyber Security Standards and policy.
  • Worked with system administrators to remediate all Category I and Category II findings.
  • Collaborated with system administrators for implementation, reporting and compliance of IAVAs, ICVAs and STIG implementation.

Show More

7. DOD

high Demand
Here's how DOD is used in Information Systems Security Officer jobs:
  • Provided guidance to properly account for and dispose of legacy equipment existing in violation of DoD regulatory guidelines.
  • Installed and troubleshot incompatibility with required vulnerability patches on DOD information systems.
  • Maintained network/computer security policy for Air Force premier weapon system worth $1.2 billion, ensured 100% DOD security compliant.
  • Access control management of the security codes for building entry, and safes used to hold highly classified DoD information.
  • Configure various Windows, Linux, and UNIX Operating Systems to meet Department of Defense (DoD) Security Guidelines.
  • Retrieve technical data and information for reporting and compliance confirmation of IAVA requests to DoD Enterprise INFOSEC groups.
  • Transitioned all system security authorization packages from an older framework to align with the latest DOD/ MDA requirements.
  • Manage team of 6 for materials, information systems, facilities, and DoD security clearances.
  • Coordinated the installation and training of DOD Public Key Infrastructure (PKI) for organization personnel.
  • Notified users of systems being blocked from the DoD Network Skills Used Time Management, organization
  • Authored DoD sponsored White Paper with mathematical proofs of various password complexity schemes.
  • Monitored DoD Continuous Monitoring Risk Scoring (CMRS) for any concerns.
  • Develop Certification and Accreditation Packages for HQMC and DoD level approval.
  • Hosted recurring IA briefings to corporate and Federal/DoD executive staff.
  • Programmed Fortezza 128-bit encryption cards for DoD Messaging
  • Assigned to Coast Guard Contingency Action Team (CAT) to address DoD Information Security Sprint operation after OPM cybersecurity breach.
  • Key achievements: Provided CIA by verifying IA controls are implemented in accordance with DoD and Air Force IA standards.
  • Conduct comprehensive audits of DoD organizations for compliance with various DoD directives, instructions, policies..
  • Developed a DoD Insider Threat Defense Program Inspection Checklist covering , Security and IA.
  • Managed MAJCOM's program to upgrade and maintain cyber workforces' skills and training to DoD directed standards.

Show More

8. Recovery Procedures

high Demand
Here's how Recovery Procedures is used in Information Systems Security Officer jobs:
  • Diagnosed and resolved network problems, developed network backup and recovery procedures.
  • Assist contingency management groups in planning and executing disaster recovery procedures.
  • Provided contingency management groups with planning and executing disaster recovery procedures.
  • Executed system recovery procedures to minimize losses should an attack transpire.
  • Manage disaster recovery procedures and plans for all systems.
  • Implemented and tested system security, from virus protection to disaster recovery procedures at 701st, Kitzingen, Germany.
  • Help develop, test and review the IT Contingency Plan and the Disaster Recovery procedures every 6 months.

Show More

9. POA

high Demand
Here's how POA is used in Information Systems Security Officer jobs:
  • Followed the Continuity of Operations Plan (COOP) and Plan of Action and Milestones (POAM) as regulated.
  • Devised Plan of Action and Milestone (POA&M) coupled with continuous monitoring plan to manage network risks.
  • Work with different Security Authorization tools to develop related documentation and to track POA&M and vulnerability status.
  • Collaborate with engineering teams to implement Plan of Action and Milestone (POA&M) requirements.
  • Interpreted results of vulnerability scan and produced POA&M s for risks above company risk tolerance.
  • Reviewed and validate Plan of Action and Milestones (POA&M) closures.
  • Manage Plan of Action and Milestones (POA&M) and continuous monitoring.
  • Establish plans of action and milestones (POA&M) and manage remediation.
  • Managed POA&M's and did continuous monitoring for seven different systems.
  • Plan of Action and Milestone (POA&M) list, Risk Based Decisions (RbD) etc.
  • Utilized the Trusted Agent FISMA Tool (TAFT) to monitor the status of POAMS for 80 systems.
  • Generate POA&M reports.
  • Develop Plan of Action and Milestones (POA&M) for identified vulnerabilities and ensure compliance through monthly updates.
  • Authored POAMs to explain specific measures to be taken to correct deficiencies found during security control assessments.
  • Update POA&Ms, contingency plans and ensure they are developed and tested.
  • Report findings with recommendations to authorized personnel for mitigation and open POA&Ms.
  • Monitor POA&M status and perform on-going security assessment.
  • Created, submitted, and tracked all Plan of Action and Milestones (POA&Ms).
  • Facilitate the creation of Plans of Actions and Milestones (POA&Ms).
  • Create, modify, and complete POA&Ms.

Show More

10. Security Requirements

high Demand
Here's how Security Requirements is used in Information Systems Security Officer jobs:
  • Engineered two stand-alone networks for the simultaneous development of the KG-3X Simulator and CVS projects to accommodate necessary security requirements.
  • Validate system security requirements definitions and analysis, dry run testing, review security scans, and verify security requirements.
  • Address the operational interests of the user community while ensuring compliance within the applicable security requirements.
  • Identified solutions that complied with the department mission statement, information security requirements & budget.
  • Develop reports, information, and recommendations that support the implementation of government security requirements.
  • Established laboratory security requirements to ensure integrity of information used on the networks.
  • Lock down computer systems in a mixed environment based upon classified security requirements.
  • Monitored controls post authorization to ensure continuous compliance with the security requirements.
  • Helped develop security requirements for products being considered for government purchase.
  • Analyzed and defined security requirements for computer systems.
  • Defined security requirements for computer systems, including main
  • Established and enforced strict physical security requirements.
  • Ensured that network threats were mitigated quickly, minimizing user down-time, and maintaining 100% compliance with network security requirements.
  • Interpret and/or approve security requirements relative to the capabilities of new information technologies and in accordance with NIST 800 series.
  • Trained staff on audit, BC, export compliance, internal controls, and security requirements.
  • Worked directly with the IA, Infrastructure and Development teams in defining and implementing security requirements.
  • Ensured that system security requirements were addressed during all phases of the system life cycle.
  • Ensured the security requirements for assigned major support system are met.
  • Analyzed and defined security requirements for computer systems including mainframes, workstations, and personal computers.
  • Evaluate state of the art equipment for compliance with security requirements.

Show More

11. Fisma

high Demand
Here's how Fisma is used in Information Systems Security Officer jobs:
  • Analyzed and provided recommendations to the agency regarding policies and procedures compliance implementation with FISMA requirements and NIST guidance.
  • Maintained enclave FISMA reports for Designated Authorizing Official quarterly reporting.
  • Monitor and address FISMA and other Information Security performance scorecards.
  • Completed monthly FISMA Configuration Management tracking report.
  • Recommended and applied technology solutions which met the security control requirements specified by OMB Circular A-123, FISMA and NIST guidance.
  • Analyzed Federal Information Systems Management Act (FISMA) and workforce certification metrics to track deficiencies and developed strategies for compliance.
  • Led a group of security professionals to meet the System Development Life Cycle management of security related requirements from FISMA.
  • Introduced teams to processes to establish FISMA and NIST security compliance, and guided various risk mitigation actions.
  • Provide guidance on infrastructure compliance with the requirements of FISMA and the Federal Enterprise Architecture (FEA).
  • Performed certification and accreditation (C&A), applying NIST security controls and FISMA guidance.
  • Performed Federal Information Security Management Act (FISMA) audit reviews using NIST 800-37 rev 1.
  • Provide technical support in the area of FISMA audits for organizational assets within the FBI.
  • Maintained documentation and FISMA COMPLIANCE for a Single Sign-On General Support System.
  • Maintained FISMA Privileged User List for SCION/NGSCION TS/SCI information system.
  • Authored Privacy Impact Assessment (PIA) for FISMA systems.
  • Performed Assessment and Authorization in compliance with FISMA/NIST Standards.
  • Scanned systems using Foundstone vulnerability scanner quarterly to satisfy FISMA requirements.
  • Served as the IT security POC for assigned systems to ensure GSA information systems comply with FISMA OMB and GSA Policies.
  • Participate in network and system design efforts to ensure the implementation of appropriate security controls and policies for FISMA-reportable systems.
  • Addressed findings from A-123 audits, and cyber security audits that included FISMA, OMB, and OIG.

Show More

12. Configuration Management

high Demand
Here's how Configuration Management is used in Information Systems Security Officer jobs:
  • Perform security assessments using GAO's current processes supporting configuration management, vulnerability scanning, web application security and network monitoring.
  • Developed and oversaw developers with the implementation of a secure web-enabled configuration management tool utilizing Microsoft web and database technologies.
  • Conduct systems analysis, utilize configuration management and develop improvements for system software performance, availability and reliability.
  • Updated anti-virus definitions, security audits, configuration management, and reporting and writing security incident investigations.
  • Work closely with configuration management, software and hardware maintenance personnel in a fast paced environment.
  • Evaluated new security products, performed security audits, and developed configuration management policies as required.
  • Develop and implement procedures using configuration management policy for authorizing use of software on IT systems.
  • Co-chaired Configuration Management Board; monitored hardware and software change control; and implemented configuration items.
  • Developed circuit records, configuration management documents, site/node technical drawings and network specifications.
  • Maintain all software, hardware and firmware changes required by established configuration management procedures.
  • Developed, documented, executed, and implemented configuration management and change control programs.
  • Managed organizational configuration management for telecommunications systems and Automated Information Systems (AIS).
  • Developed and maintained Media and Equipment Configuration Management processes.
  • Maintain configuration management control of hardware and software.
  • Lead the incorporation of configuration management tools and security controls to virtual machines, servers and standard workstations.
  • Developed Configuration Management (CM) Plan for division and a key member of the CM process.
  • Ensured configuration management for IS software, hardware and firmware were documented and maintained.
  • Authored and maintained Configuration Management Plan (CMP) SCION/NGSCION TS/SCI information systems.
  • Perform configuration management of the development systems during the pre-deployment pilot phase.
  • Perform configuration management reviews Review and assess requests for waivers, exceptions, and system changes.

Show More

13. Contingency Plans

high Demand
Here's how Contingency Plans is used in Information Systems Security Officer jobs:
  • Developed security incident reports, equipment/software inventories, operating instructions, vulnerability reports, and contingency plans.
  • Developed and tested disaster recovery/contingency plans and continuity of operation plans for IT systems.
  • Provide advice and leadership in creating and maintaining contingency plans for any security emergencies.
  • Assist in the development and maintenance of system security and contingency plans for all information systems in the 184 Intelligence Group.
  • Created and tested contingency plans for systems, keeping systems up and running 24/7 in the event of disaster.
  • Developed and maintained system security plans (SSP) and contingency plans for all systems under the directorate.
  • Developed, tested, and ensured maintenance of site contingency plans for restoration of critical functions.
  • Evaluate and assist with development of contingency plans and risk management.
  • Assisted multiple systems to complete and test contingency plans.
  • Create, review, assess, and monitor POA&M, SSPs, Contingency Plans and any applicable FISMA documentation.

Show More

14. Acas

high Demand
Here's how Acas is used in Information Systems Security Officer jobs:
  • Assist and advise system administration staff on resolution of security issues and reviewed ACASS scan results as supplied by SA staff.
  • Worked with NOC personnel to implement deployment of ACAS and HBSS.
  • Test and analyze results in ACAS scanning tool to make sure devices and systems have little or novulnerabilities.
  • Assisted access control configuration for the Assured Computing Assessment Solution (ACAS) scanning on all VLANs.
  • Performed ACAS scans using pre-populated scan zones.
  • Experience with Security Analytics, ALERT, ACAS, Xacta, SAP, Excel, Word, and Outlook

Show More

15. Incident Response

average Demand
Here's how Incident Response is used in Information Systems Security Officer jobs:
  • Perform SOC required annual Incident Response Tabletop exercise and provide feedback and recommendations on deficiencies.
  • Manage and Coordinate Information Security Inspections and Incident Response.
  • Coordinated technical incident response and remediation for client environments.
  • Conduct yearly Incident Response and Contingency Planning exercises.
  • Implemented security incident response policies and procedures.
  • Head of Incident Response team from detection to analysis and creating a final report to management, including the insurance policy.
  • Created company policies and procedures governing corporate security, email and Internet usage, access control, and incident response.
  • Establish and lead coordination of incident response teams in response to any outages, penetrations/intrusions, virus outbreak, etc.
  • Lead the Computer Incident Response Team (CIRT) in the investigation and resolution of security related incidents.
  • Documented and reported incidents daily to Naval Computer Incident Response team (NAVCIRT).
  • Performed annual contingency and incident response testing and submitted contingency test reports to OSAISO.
  • Implemented an enterprise based incident response program and forensic capturing (EnCase) system.
  • Update the exercise template with recommended changes for improved future Incident responses.
  • Manage cross functional teams for incident response activities across multiple government projects.
  • Team member for the client's Incident Response Program.
  • Manage company incident response tools.
  • Developed and managed organization's access control policy, removable media policy, remanence security policy, and incident response program.
  • Guaranteed compliance was achieved by utilizing prescribed cybersecurity tools and methods to include Navy Computer Network Incident response processes.
  • Key Achievements: Designed and developed Critical Incident Response Team (CIRT) and methodology.
  • Report incidents within the timeframe prescribed by DHS 4300 policy for incident response.

Show More

16. Issm

average Demand
Here's how Issm is used in Information Systems Security Officer jobs:
  • Collaborate with security assessors/auditors and ISSM to develop and generate, review, and update component documentation.
  • Provided support to the Information Systems Security Manager (ISSM) with all information systems security (ISS) controls.
  • Executed all annual exercises (COOP & FISMA tabletop); submitted results to the ISSM and CIO's office.
  • Tracked and reported to Information System Security Manager (ISSM) the mitigation of security program findings / vulnerabilities.
  • Initiated protective and corrective measures when a security or vulnerability is discovered, with the approval of the ISSM.
  • Coordinated with Information Systems Security Manager (ISSM) on IA policies, procedures, duties and IA efforts.
  • Support and assist the Information Systems Security Manager (ISSM) in all aspects of the assigned system.
  • Provide input to CISO and ISSM for preparation of reports concerning sensitive and/or national security information systems.
  • Provided technical contributions to the ISSM for modification to system via Engineering Review Board (ERB).
  • Aided government ISSM in providing continuity to the ISSG team while employing seniority with customer experience.
  • Communicated findings to the SA and appropriate Information Systems Security Manager (ISSM).
  • Help conduct self-inspections with ISSM and take corrective action for system and network vulnerabilities.
  • Conducted user training and awareness activities under the direction of the ISSM.
  • Worked closely with System Owner, System Engineer and ISSM.
  • Represent COMM ISSM at various security meetings.
  • Full support and reporting to ISSM.
  • Reported directly to the ISSM.
  • Alternate ISSM to Merrimack Facility.
  • Reported the security status of the IS to the ISSM and ISSR, as required by the DAA.
  • Signed off on all RbDs' for TNet, acting as the interim ISSM.

Show More

17. Cyber

average Demand
Here's how Cyber is used in Information Systems Security Officer jobs:
  • Provide cybersecurity-related process improvements and implementation.
  • Provide technical expertise on the implementation of information processing standards as they relate to Cybersecurity/Information Assurance.
  • Direct managing cyber objectives, strategic implementation plans, milestone review, and portfolio management.
  • Prepared and maintained cyber security plans for classified and unclassified systems and laptops.
  • Gathered and helped to define requirements for cybersecurity design and architecture.
  • Acclimated, and utilize the Cyber Security Assessment Management (CSAM) tool for organization security control assessment activities.
  • Participated in the survey, self-assessment, and surveillance programs evaluating the effectiveness of cyber security and CMPC programs.
  • Prepared guidance on AF cyber issues to include joint tasking implementation, system configuration requirements and unit direction.
  • Assisted in the preparation and revision of IA policy and guidance documents for specific Cyber Security related technologies.
  • Provide cybersecurity support to multiple program offices for the development of new systems and updating of legacy systems.
  • Assisted in conducting Command Cyber Readiness Inspection (CCRI) and DISA Security Readiness Review.
  • Provided and briefed in-depth Cyber Security Threat reports to Commander Marine Forces Reserve.
  • Assist with command cyber readiness in preparation for inspections performed by MARFORCYBERCOM.
  • Created, documented, and maintained the Cyber Security policies and procedures.
  • Achieved and maintained AS9100 compliance for cyber security section.
  • Developed customized cyber security based training for two junior cyber security engineers that support other simulator programs on site.
  • Communicated cyber security threats to users by email.
  • Hand-selected as Superintendent to create the Cyber Operations and Cyber Security Branches within the Air Armament Directorate.
  • Updated local policies and training to comply with changes to cybersecurity policies and controls.
  • Created and distributed PowerPoint presentations on cyber security threats and IT policies.

Show More

18. Information Technology

average Demand
Here's how Information Technology is used in Information Systems Security Officer jobs:
  • Engage with both technical and policy stakeholders to maintain and document the security posture of Navy information technology systems.
  • Performed due diligence to determine feasibility of relocating or combining Information Technology Operations and Application Development groups and facilities.
  • Provided advice and direction for program management teams regarding the operation and function of information technology security systems.
  • Rendered support in administering acquisition activities of information technology (IT) projects and programs.
  • Assist with clarification for Information Technology staff in technical matters concerning system accreditation requirements.
  • Provide technical assistance, information technology systems training and advisory service to customers.
  • Maintain fixed asset inventory of all agency information technology assets.
  • Project manager for all information technology related projects.
  • Work closely with Information technology team
  • Ensured that all ISSO critical elements were in-line with the requirements mandated by NavajoArea Office and the Office of Information Technology.
  • Ensured that ISSO related matter were in-line with requirements mandated by Navajo Area Office and the Office of Information Technology.
  • Provided Information Technology training to managers, scientists (Meteorologists and Oceanographers), customers, and contractor personnel.
  • Coordinate approvals for laptop SSAA and Personal Information Technology Device User Statement (e.g., for Palm Pilots).
  • Plan, manage, and provide oversight of Information Technology projects including resources, finances, and scope.
  • Evaluate ISS aspects of information technology hardware, software, networks and communications interfaces.
  • Provide support as Information Technology (IT) Administrator / Technician.
  • Served as ISSO for the FBI Information Technology Operations Division.
  • Supervised 18 Information Technology Technicians in the MWR Directorate.
  • Maintained Plant Automation and Information Technology budget, adhering to set budgetary guidelines.
  • Restructured information technology team to better utilize the strengths ofindividual members.

Show More

19. Nispom

average Demand
Here's how Nispom is used in Information Systems Security Officer jobs:
  • Consulted with KBR management theater-wide on information security/NISPOM related activities.
  • Ensured systems were in compliance with NISPOM Chapter 8 by settings local group policies, disable and enable operating system services.
  • Configure workstation computers for AIS under the strict guidelines found in the NISPOM's chapter 8 using windows XP operating system.
  • Set up, configure, harden and deploy new workstations in accordance to the NISPOM for the classified IS systems.
  • Consulted with and directed the activities of KBR HQ Management and personnel with regard to Information Security/NISPOM/DIACAP related issues.
  • Conduct reviews of computer security requirements for compliance, efficiency, and standardization according to the NISPOM Ch.
  • Perform anti-virus definition updates, on a monthly basis in order to keep systems NISPOM/JAFAN compliant.
  • Overhauled dozens of Linux-based systems unable to meet updated NISPOM regulations and averted shutdown of project.
  • Utilized DCID 6/3 and NISPOM Ch.

Show More

20. Security Posture

average Demand
Here's how Security Posture is used in Information Systems Security Officer jobs:
  • Provided recommendations on security policies and procedures to improve overall security posture.
  • Maintained security posture and documentation of 10 different SAP information systems.
  • Maintain operational security posture for a program or information system.
  • Configured numerous security appliances to improve security postures across clients.
  • Maintain operational security posture for network programs and information system.
  • Validate privacy and security controls (NIST 800-53) are in place and maintain security posture of assigned Software Applications.
  • Key Accomplishment: Significantly improved the patch management program which improved the overall security posture of the HSDN.
  • Ensured that the PM was kept abreast of the IA security posture via formal and informal briefings.
  • Attended various meetings with system personnel to discuss system security posture and POA&M status.
  • Evaluate and analyze leading edge security technologies to be implemented to improve the DNDO security posture.
  • Managed IAVM compliance for assigned systems, including assets management and security posture management in VMS.
  • Conducted assurance audits of the security posture of the system, ensuring proper user activity.
  • Brief the Designated Approving Authority of the security posture of the overall TSA network.
  • Provide Defense-in-Depth strategies to enhance the security posture of the TSA networking environment.
  • Assess the security posture of the organization's classified information systems.
  • Enhance the security posture of our NSA's critical communications systems.
  • Interpreted cyber-security requirements into technical solutions and analyzed system configurations to determine maintain and improve security posture.
  • Researched and recommended automation solutions in the realms of audit management, antivirus, and patch management to improve security posture.
  • Work with headquarters ISSM and other Cyber Security officers on AFN Europe's security posture.
  • Developed/enforced/managed system cyber security posture, maintained accreditation package in Cyber Security Assessment and Management System, conducted continuous monitoring activities.

Show More

21. ATO

average Demand
Here's how ATO is used in Information Systems Security Officer jobs:
  • Reported on new operating system vulnerabilities and aided system administrators in the setup of secure operating systems on new servers.
  • Coordinate audit activities for the Technology Division including internal audit, external audit and regulatory examination authorities.
  • Conducted comprehensive security assessments to identify architectural and implementation weaknesses and determine compliance with regulatory compliance requirements
  • Perform local administrator duties including software installations, patches, anti-virus updates and troubleshooting user issues.
  • Ensured all users were properly trained on operation and personnel access requirements of the laboratory.
  • Performed senior operator and systems and network administrator duties.
  • Experience in DoD Classified Operating and/or laboratory environment.
  • Lead System Administrator for Theater Battle Management Core Systems (TBMCS) coordinated, managed, and completed SOVT for TBMCS.
  • Conducted annual security control reviews for 4 Joint Terminal Attack Controller training simulators, over 400 controls implemented and reviewed.
  • Secure the initial Security Authorization (ATO) for the system, and ensure Ongoing Authorization through Continuous Monitoring.
  • Perform quarterly Plan of Action and Milestone (POA&M) reviews with systems administrators and developers.
  • Evaluated records, operator logs, formats, technical reports, and data from other activities.
  • Provided security guidance to system administrators to during the installation of C2 standards on UNIX servers.
  • Served as SCI Networks System Administrator and Leading Petty Officer for SCI Networks System Administrators.
  • Served as a Network Security Officer for a NATO command and control system.
  • Work closely with the System Administrator to maintain the system's security/accreditation status.
  • Obtained IATO following DITSCAP procedures and worked towards completing a SSAA.
  • Write and track compliance Approval to Operate (ATO) w/POA&M and ICM503.
  • Manage collaboration projects and deployed Audio/Video Teleconferencing and provided technical support for Avaya Unified Communications and Microsoft Office Communicator.
  • Assisted in migration of VPN concentrators to new project.

Show More

22. Active Directory

average Demand
Here's how Active Directory is used in Information Systems Security Officer jobs:
  • Perform basic system administration on Information System for Windows utilizing Active Directory and manually for Linux OS.
  • Implemented and administered Active Directory services, replication, Trust Relationship and enforced Domain-wide Group Policies.
  • Managed unclassified and classified Pacific Fleet network assets in a Windows and Active Directory environment.
  • Reviewed active directory permissions to insure compliance was maintained.
  • Installed & configured an Active Directory environment.
  • Administered Windows Active Directory and Group Policy.
  • Managed the smoothest to date migration from NT4 to Microsoft 2000 Active Directory environment for the embassy in Baku, Azerbaijan.
  • Managed upgrade of 850+ users and DCA assets in collaboration with Dell Technical Support Team to Active Directory Windows 2000..
  • Maintained the company Active Directory by adding new hires, escalating privileges as needed, disabling terminated employees.
  • Experience with Macintosh OS, Windows server operating systems, including Active Directory, DNS, etc.
  • Created and maintained all the users and computers accounts on the Microsoft Server 2003 Active Directory.
  • Managed multiple existing and new accounts in an Active Directory, utilizing Remedy s ticket system.
  • Establish Windows Active Directory domain, using Group Policy to manage system policies and access control.
  • Administered/Managed various projects such as Windows NT 4.0 Domain Upgrade to Windows 2003 Active Directory.
  • Configured and managed Windows 2003 Servers and XP Workstations in an Active Directory domain.
  • Configure and maintain group policy in Active Directory for Windows Server 2008R2.
  • Managed personnel accounts through the use of Active Directory.
  • Network Tools: Active Directory, GPO, DNS & DHCP.
  • Managed and structured Active Directory trees and objects in order to strengthen security and keep organizations consolidated across the enterprise.
  • Create Accounts in Active Directory * Update user's information and reset passwords in Active Directory

Show More

23. Security Training

average Demand
Here's how Security Training is used in Information Systems Security Officer jobs:
  • Perform user account administration, media control, implementation and enforcement of DoD computer security plans/policies/procedures/directives, and system security training.
  • Provided information security support for the Aerospace Organization developing security plans and providing system security training to assigned personnel.
  • Participated in developing and implementing IS security training sessions for contractor and government security personnel involved in the NISP.
  • Developed, maintained and implemented IT Security Training and Awareness Programs in Classified/Unclassified environments.
  • Develop and lead information security training materials and institute processes to uphold security.
  • Developed a systematic System Security Training Program for newly reporting personnel.
  • Prepared and conducted security training and other technical training.
  • Authored information security policies and security training materials.
  • Verify users are current on required security training.
  • Developed and implemented 5 security training scenarios.
  • Conducted Information Systems Security training sessions.
  • Designated to update and maintain Access databases for Approved Software and Hardware, Security Training accreditation, and Modems within JSIMS.
  • Conducted and monitored annual security training requirements for federal employees, contractors, and midshipmen (Students).
  • Received a superior rating as a trainer for leading more than 100 hours of technical and security training.
  • Developed and implemented On-boarding security training presentations to all newly hired personnel for three Coast Guard Commands.
  • Develop and present Information Security training and briefing materials to all users.
  • Conduct all required security training, inspections and audits.
  • Conducted security training to over 250 personnel.
  • Create security training presentations and documentation for Leidos enterprise.
  • Provide mandated Cyber Security Training to users in accordance with DoDI 8570.

Show More

24. Risk Assessments

average Demand
Here's how Risk Assessments is used in Information Systems Security Officer jobs:
  • Provided in-depth network risk assessments to senior leadership during wartime operations by conducting weekly audits of networking security mechanisms.
  • Conducted software evaluation and risk assessments to determine relevant security vulnerabilities and other threats related to system use.
  • Performed information security risk assessments and assist with the internal auditing of information security processes.
  • Conducted annual risk assessments and orchestrated system vulnerability testing and evaluation in alignment with regulations.
  • Coordinate and support risk assessments and ensure corrective action on any identified security exposures.
  • Perform information security risk assessments and serves as an internal auditor for security issues.
  • Lead risk assessments with stakeholders of interest in order to establish system categorizations.
  • Instituted Security Management & Implementation, Security Risk Assessments.
  • Perform risk assessments of information systems and infrastructure.
  • Perform risk assessments to help identify system vulnerabilities.
  • Conduct, document and report annual and random ISS Risk assessments as contractually required and when significant change in the environment.
  • Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
  • Participate in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
  • Conduct risk assessments for the development of mitigation plans and concepts of operations.
  • Perform risk assessments, and evaluations in order to ensure network security.
  • Conducted risk assessments for data protection, storage, and data integrity.
  • Performed Risk Assessments based on NIST 800-53 recommendations.
  • Conducted risk assessments and change management.
  • Performed Security Site Risk Assessments.
  • Compile Risk Assessments, System Identification Profile, DIACAP Implementation Plan and Physical Security Assessments to support C & A packages.

Show More

25. RMF

average Demand
Here's how RMF is used in Information Systems Security Officer jobs:
  • Provide quarterly FISMA reporting and supporting Risk Management Framework (RMF) transition and Continuous Monitoring implementation.
  • Direct the protection of computing security systems, and create strategic policies that ensure security and maintain compliance with RMF/NIST mandates.
  • Supported multiple government programs under NISP, JAFAN, and JSIG using the Risk Managed Framework (RMF) approach.
  • Create all security documents required to complete NIST Risk Management Framework (RMF) steps 1, 2 and 3.
  • Assist the Authorized Security Control Assessor (ASCA) with ST&E activities to include RMF CCI mapping.
  • Configure templates for future information system placement in production environment in accordance with current DIACAP/ RMF policy.
  • Perform independent compliance reviews, tracking, and continuous monitoring of RMF A&A packages.
  • Prepare IA certification and accreditation documentation in accordance with the Risk Management Framework (RMF).
  • Develop IT system and security documentation required by both the DIACAP and the NIST RMF.
  • Assisted in RMF transition of 20 SAP information systems to ensure processing of classified information.
  • Managed network alterations and security utilizing the Risk Management Framework (RMF) standard.
  • Prepare C & A packages and follow RMF guidelines.
  • Update security documentation throughout NIST RMF step 6.
  • Apply NIST 800-53 Rev 4 conversion in IACS FISMA tool to NIST 800-37 RMF and 800-115.
  • Lead ISSO responsible for managing day to day ICD 503 RMF duties.
  • Serve as the SME for the transition process from DIACAP to RMF.
  • Performed A&A package updates that included DIACAP to RMF transitions, drawing updates and publishing of scans to eMASS.
  • Gather and upload cybersecurity scorecards for the risk management framework (RMF).

Show More

26. Dcid

average Demand
Here's how Dcid is used in Information Systems Security Officer jobs:
  • Exercised a thorough understanding of the security requirements to support DCID Protection Levels (PL2, PL3, and PL4).
  • Reviewed and evaluated information assurance security policies and procedures to ensure compliance with agency mission, DCID 6/3 and DITSCAP.
  • Performed transition of classified systems to the Risk Management Framework from DCID 6/3 to ensure processing of classified information.
  • Inspect Information systems at contractor sites nationwide to ensure compliance with DCID 6/3, NISPOM and ICD 503 policies.
  • Facilitate development and review of Certification and Accreditation packages for DAA and CIO as required under DCID 6/3.
  • Asked by senior leadership to help develop a process to help transaction from DCID 6/3 to IC 503.
  • Provided C&A support for compliance through Director of Central Intelligence Directive (DCID) 6/3.
  • Evaluated and provide feedback for certification and accreditation documentation to ensure compliance with the DCID 6/3 manual.
  • Review and archive weekly audit logs AIS (Automated Information Systems) per DCID 6/3 requirements.
  • Developed metrics using the DCID 6/3 that are now being used in monthly reports to customer.
  • Utilized extensive knowledge of DIACAP and DCID 6/3, the NISCAP Certification and Accreditation process.
  • Perform site and user inspections for compliance with security policies in accordance with DCID 6/3.
  • Performed certification and accreditation control assessments to ensure compliance for DCID 6/3 compliance.
  • Possessed knowledge of different customer bases, DCID, NISPOM and NISPOMSUP.
  • Possessed the ability to decipher and explain in clear language DCID 6/3.
  • Maintain DCID 6/3 compliance and other appropriate security directives of systems.
  • Performed system accreditation under NIST 800-53A and DCID 6/3.
  • Assist in the development of system security/IA plans under guidance in DIACAP, DCID 6/3, NIST 800-37/800-53/800-92 and NISCAP.
  • Adhered to the NIST 800, DCID 6/3 and FISA series policies in support of the SIGINT mission.
  • Draft C&A documentation in accordance with DCID 6/3, ICD 50, NISPOM and DSS.

Show More

27. Security Awareness

average Demand
Here's how Security Awareness is used in Information Systems Security Officer jobs:
  • Lead information security awareness and training initiatives to educate workforce about policies, procedures and information risks.
  • Train users and promote security awareness to ensure system security and to improve server and network efficiency.
  • Attend security awareness and related training programs and distribute security awareness to the user community as appropriate.
  • Trained and educated 350+ military members on security awareness and classification management.
  • Enacted company processes that successfully implemented comprehensive security awareness programs.
  • Distribute security awareness information to the user community as appropriate.
  • Coordinated and facilitated the security awareness and education program.
  • Developed and implemented security awareness programs within the programs.
  • Develop and implement user security awareness training programs.
  • Facilitated security awareness training for all personnel.
  • Initiate information security awareness and training programs.
  • Promoted security awareness through end user training.
  • Promoted Information Security Awareness and Training.
  • Assist in the development and conduct of computer security awareness products and briefings for supported government contracts.
  • Train and oversee security awareness to all users who have access to systems, ensure proper accessibility.
  • Briefed and published security awareness lesson plans, under the direction/guidance of the Department's Security Officer.
  • Briefed security awareness training weekly for all new personnel entering on site for duty.
  • Conducted Security Awareness and Privacy Act training of all Cloud support staff.
  • Implemented IT Security Awareness program for Army Fleet Support.
  • Promoted security awareness of the threats and vulnerabilities, affecting agency assets, amongst the Directorate.

Show More

28. Computer System

average Demand
Here's how Computer System is used in Information Systems Security Officer jobs:
  • Direct and verify compliance with operating system security controls, computer system security controls, and application layer security controls.
  • Performed senior operator and systems and network administrator duties, unit level maintenance functions on assigned computer systems.
  • Performed vulnerability/risks analyses of computer systems and applications during all phases of the system development life cycle.
  • Review requests for certification and accreditation of computer systems to ensure compliance published procedures.
  • Provide key computer system administration, local area network administration, and system/network security.
  • Analyze computer systems specifications for compliance with system security requirements and guidelines.
  • Performed risk analysis and security testing of computer systems and applications.
  • Provided computer systems security and defensive information operations.
  • Maintained the quality and security, as needed, of APHIS computer systems and applications, architectures, and management practices.
  • Planned, implemented, upgraded and monitored security measures for the protection of computer systems, networks and data.
  • Implemented and maintained computer systems security plans in compliance with RMF, DoD and Federal Regulations.
  • Supervised 8 team members in managing computer systems, intranet hardware, and software update.
  • Configure, install, and maintain mostly computer systems in a stand-alone and networked environment.
  • Research, diagnose and resolve complex computer system software and hardware issues as they arise.
  • Conducted training to ensure users were instructed on the appropriate use of computer systems.
  • Develop batch files and BASH scripts to streamline auditing and configuration of computer systems.
  • Conducted repairs, upgrades and maintenance of all classified computer systems within the organization.
  • Maintained security checks on secured computer systems in closed and open areas.
  • Establish objectives and procedures for audit reviews of computer systems.
  • unclassified and classified computer systems.

Show More

29. Nessus

average Demand
Here's how Nessus is used in Information Systems Security Officer jobs:
  • Utilize Tenable NESSUS Vulnerability Management tool to read and manage vulnerabilities for the OCFO financial systems.
  • Completed the incorporation of continuous monitoring using Tripwire Enterprise, Tripwire Log Center, Nessus and QualysGuard vulnerability scanners.
  • Monitored security systems, and analyzed potential threats and vulnerabilities utilizing Nessus to applications and systems.
  • Utilized Nessus to perform vulnerability scans generate reports and submit to appropriate staff.
  • Performed weekly Assured Compliance Assessment Solution/Nessus security scans, addressing vulnerabilities.
  • Perform monthly vulnerability assessment scans of assigned systems using Tenable Nessus.
  • Performed Vulnerability Assessment Reports for OHTA using Nessus.
  • Performed scans and interpreted results from security scanning tools including but not limited to Nessus, and IBM BigFix.
  • Completed IP 360 and Nessus vulnerability scans and reviewed results, made recommendations based on findings.
  • Executed, reviewed, and analyzed monthly Nessus vulnerability scans on all appropriate systems.
  • Scanned and analyzed the results of Nessus and AppDetective for three financial systems
  • Review SecurityCenter, Splunk, Nessus and WebInspect scan reports for potential vulnerabilities and direct systems engineers and administrators for remediation.
  • Create vulnerability assessment and mitigation reports based on system analysis using nmap, Shadow, LanGuard, Nessus, and Retina.
  • Conduct regular security and risk assessments on our systems with vulnerability scanning software (eEye Retina/Nessus/NMAP, etc.)
  • Maintain proficiency in Security tools, Nessus, Retina, Disk-KO, Diskwash, and Encase.
  • Supervised Quarterly Federal Information System Management Act (FISMA) scans utilizing Nessus and Foundstone.
  • Utilize McAfee SIEM for log management Utilize Nessus scanner to identify risk and vulnerabilities
  • Managed recipient domains (.mil, .gov) Utilized Nessus to run vulnerability scans and provided feedback to the security team.
  • Experience using security evaluation tools (Host Based Security System, Nessus, Retina, and Assured Compliance Assessment Solution).
  • Update and confirm functionality of security scanners such as eEye Retina, Nessus, AppDetective, and Webinspect.

Show More

30. Security Incidents

low Demand
Here's how Security Incidents is used in Information Systems Security Officer jobs:
  • Responded to information security incidents, validating the compliant and reporting it accordingly based on procedures.
  • Established Incident Reporting Procedures to ensure lab users properly report all security incidents.
  • Conducted investigation of information security incidents and provide appropriate resolution as necessary
  • Performed investigations and inquiries to security incidents on local IS.
  • Report IT security incidents in accordance with established procedures.
  • Reported IT security incidents according to published procedures.
  • Escalate security incidents to leadership as appropriate.
  • Report on security status and security incidents.
  • Worked in conjunction with DHS Security Operations Center and US-CERT for IT security incidents in accordance with established procedures.
  • Responded to computer security incidents according to the Computer Security Incident Response Policy (CSIRP).
  • Report security incidents not involving IT resources to the appropriate security office.
  • Identified, reported, and responded to security incidents.
  • Implement response actions in reaction to security incidents.
  • Report IS security incidents to the CIO.
  • Report IT security incidents in accordance with established procedures Department of Homeland Security, Intelligence & Analysis
  • Provided guidance to first responders for handling information security incidents.
  • Brief new account requestors and security incidents that may arise from the misuse of the system.
  • Initiate contact with internal and external sites for tracking, managing and remediating security incidents.
  • Reported security incidents in accordance with DOD 5200.1 -R and to the DAA when an IS were compromised.
  • Performed forensic and malware analytical activities in response to cybersecurity incidents.

Show More

31. Stig

low Demand
Here's how Stig is used in Information Systems Security Officer jobs:
  • Performed information security officer duties including; intrusion prevention and detection, incident response, investigation, and key-certificate administration.
  • Reviewed logs and interviewed personnel to determine the appropriate level of follow on investigation or disciplinary actions.
  • Monitored government systems for inappropriate use and provide timely investigative reports for those computer systems.
  • Monitored, investigated, reported, and provided remedial training for security violations and infractions.
  • Worked in implementing EnCase Enterprise to investigate different potential malicious events on critical nodes.
  • Perform and assist in investigations as requested by Corporate Security and Legal.
  • Conduct security investigations incidents and prepare reports on my findings.
  • Performed investigations to determine possibility of compromise after security infractions.
  • Employed configuration guidance based on DISA security technical implementation guides (STIG); implemented CCRI methodologies.
  • Migrated database to standalone topology to comply with DISA STIG and DIACAP approval requirements.
  • Performed security audits using DoD STIG s, compliance tools, and auditing tools.
  • Perform DISA STIG on servers and workstations for implementation into customer environment.
  • Performed ACAS vulnerability scans and provided reports on IAVM/STIG compliance to leadership.
  • Investigate security violations and infractions and prepare report of incident to FSO.
  • Coordinate with applicable teams to investigate and verify hardware and software.
  • Key Contributions: Monitors the activities of over 200 users by performing weekly system security audits and investigating potential security violations.
  • Conduct Criminal Investigations of Violations of federal Laws affective computer operations - and prevent and detect fraud abuse and mismanagement.
  • Utilized U.S. Army Regulations, STIGs and other guidance to develop IT security awareness and training campaign.
  • Configured workstations and servers using STIGs.
  • Perform SCAP, IAVA and STIG scans using Nessus.

Show More

32. Ensure Compliance

low Demand
Here's how Ensure Compliance is used in Information Systems Security Officer jobs:
  • Monitored and evaluated network system testing to ensure compliance with established security protocols and procedures.
  • Developed and maintained Systems Security Plans and conducted periodic reviews to ensure compliance.
  • Conducted periodic reviews and inspections to ensure compliance with established policies and procedures.
  • Coordinated periodic evaluations of IS to ensure compliance within acceptable government standards.
  • Communicate and ensure compliance with organizational security policies and standards.
  • Develop, review, implement and enforce information systems (IS) security plans and conduct reviews to ensure compliance.
  • Perform inspections of both computer and designated physical boundaries to ensure compliance with IC and other agency directives.
  • Established and managed access control, risk management, auditing and monitoring to ensure compliance with FISMA.
  • Managed complex information systems, and the user community to ensure compliance and cost effective processes.
  • Perform audits and inspections of information systems to ensure compliance with applicable policies and directives.
  • Perform site and user audit inspections to ensure compliance with the DoD Gold Standard.
  • Conducted appropriate training to ensure compliance with facility and system compliance; i.e.
  • Track and ensure compliance with all patches and updates that are released.
  • Assessed system security controls to ensure compliance with NIST and DHS standards.
  • Review new software requests to ensure compliance with program regulations.
  • Conducted periodic reviews to ensure compliance with the SSP.
  • Conduct independent examination of ISs to ensure compliance with policies and operational procedures.
  • Reviewed respective system and facility logs at the appropriate timeframes to ensure compliance with requirements.
  • Conduct periodic reviews to ensure compliance with the security requirements for each closed area.
  • Review network configurations according to polices.to determine risk postures Scan and remediate Information systems to ensure compliance with IA standards.

Show More

33. DHS

low Demand
Here's how DHS is used in Information Systems Security Officer jobs:
  • Performed security architecture assessments for systems and applications then recommended corrective action to adhere to security architecture guidance from DHS.
  • Researched, prepared and updated security policies and procedures governing the FEMA/DHS Security Plan for computer information system.
  • Supported HP Project Management Office in conforming to Data Center requirements on a $100 M x-year base DHS Operation contract.
  • Implemented significant security architecture design changes for two DHS Major Applications (MA) and General Support Systems (GSS).
  • Managed and tracked all Remedy tickets within DHS HQ Information Assurance ticket queue via Excel workbook, which I created.
  • Communicate and enforce security policies, procedures and safeguards for assigned systems, based upon DHS 4300 and NIST guidelines.
  • Coordinated the implementation of Interconnected Security Agreements (ISA) between the Single Sign-On System and various DHS HQ Components.
  • Served as the DHS S&T Information Security Architect for six months until the position was permanently filled.
  • Created decommissioning packages for disposal of systems IAW DHS FISMA System Inventory Methodology to include system decommissioning plan.
  • Assessed program risks and providing mitigation strategies to keep the efforts aligned with DHS/NIST-800 security controls procedures.
  • Reviewed and analyzed proxy exception requests for DHS networks using web resources DHS policies as guidelines.
  • Created system specific Contingency Plans and tested them annually in order to meet DHS standards.
  • Assisted Federal Management with Continuous Monitoring (CM) efforts for all DHS HQ systems.
  • Researched NIST and DHS policies and procedures for all updates on a continuous basis
  • Acted as Remedy Change Manager for DHS HQ Information Assurance team.
  • Provided adequate guidance in regards to reporting requirements to DHS management.
  • Reviewed and provided approval recommendations for all new Privileged Account Requests (PARs) for DHS HQ component.
  • Authored several Standard Operating Procedures (SOPs) for multiple DHS HQ Information Assurance procedures.
  • Reviewed and updated multiple Change Requests (CRs) across various DHS networks.
  • Review C&A documentation of DNDO ISs for compliance with DHS policies.

Show More

34. System Security Plan

low Demand
Here's how System Security Plan is used in Information Systems Security Officer jobs:
  • Prepare, maintain, and implement System Security Plans that accurately reflect the system configuration and security provisions.
  • Conducted reevaluation of a system security plan to guarantee adherence to security standards and practices.
  • Planned, developed, prepared and implemented an emergency management plans and system security plans.
  • Developed information system contingency plans and maintained INFOSEC plans and system security plans.
  • Maintain System Security Plans in accordance with applicable government guidance and directives.
  • Maintained and updated System Security Plan.
  • Develop System Security Plan (SSP) to provide an overview of the system security requirements and the needed security controls.
  • Assist in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
  • Perform gap analyses in order to develop System Security Plans (SSP) to address security concerns.
  • Drafted and updated a system Security Plan based primarily on system configuration and DHS policies.
  • Assisted the senior ISSO in the development of System Security Plans (SSP's).
  • Ensured compliance in accordance with System Security Plan (SSP) for classified information systems.
  • Maintained System Security Accreditation Agreements (SSAA) and System Security Plans (SSP).
  • Authored and maintained System Security Plan (SSP) SCION/NGSCION TS/SCI information systems.
  • Led the development of System Security Plans for several USPTO enterprise systems.
  • Manage and maintain System Security Plans (SSPs) from inception through decommissioning following the Risk Management Framework process within CSAM.
  • Prepare, maintain and implement System Security Plans (SSPs) that accurately depict the customer's contractual requirements.
  • Experience performing Information Systems Security Officer (ISSO) functions such as writing System Security Plans (SSPs).
  • Experienced in developing documentation (System Security Plans, POA&Ms, Contingency Plans, etc.)
  • Full lifecycle of System Security Plans from creation to inspection, accreditation & disestablishment.

Show More

35. Linux

low Demand
Here's how Linux is used in Information Systems Security Officer jobs:
  • Developed Linux based log analysis tools.
  • Confirm the new Linux and Windows systems meet DISA STIG and other security requirements using tools such as DISA SCAP scanner.
  • Carry out internal security inspections to assure over 60 nodes are within NIST standards for Windows and Linux OS.
  • Administered a number of HPUX, Linux, OpenBSD and Windows systems along with their associated infrastructure.
  • Provide system support of applications and services running on Linux servers, and networked storage services.
  • Assisted in the system and network administration of a Linux, Windows and OSX environment.
  • Updated McAfee DAT files, weekly, on standalone Windows and RedHat Linux systems.
  • Scanned and applied virus protections to Linux and Windows Systems on a weekly basis.
  • Installed McAfee VirusScan Enterprise for Linux and troubleshot errors to make product functional.
  • Purchased, built, and deployed Dell servers for Windows & Linux.
  • Maintained over 10 different servers from Windows 2003-2012r2 and different Linux flavors.
  • Create, disable, resetting passwords on Windows and Linux host.
  • Completed manual vulnerability scripting tests on Linux and VMS systems.
  • Conduct Auditing review to Windows and Linux hosts.
  • Implement STIG requirements for Linux and VMware servers.
  • Scan, assess and approve Linux hosted Drupal code builds/ module add-ons for hosting into the DHS Public Cloud environment.
  • Experience with Risk Management Framework implementation/accreditation, Linux/Windows/Solaris Auditing, NetApp systems, IS sanitization procedures, and industry best practices.

Show More

36. Retina

low Demand
Here's how Retina is used in Information Systems Security Officer jobs:
  • Managed vulnerabilities using Retina to scan and utilized Vulnerability Management system to track network Information Assurance Vulnerabilities.
  • Conducted vulnerability tracking, reporting and remediation utilizing DoD Vulnerability Management System and Retina Scans.
  • Conducted Retina vulnerability scans to identify weaknesses.
  • Conduct vulnerability testing utilizing Retina Network Scanner, DISA issued Gold Disk, and Microsoft Baseline Security Analyzer (MBSA).
  • Verified security compliance and maintenance of system security posture through automated software tools (Retina and Gold Disk).
  • Perform various scans (Retina, App Detective, etc.)
  • Performed vulnerability assessments with ISS and eEye Retina Security Scanners.
  • Performed daily vulnerability scan using eEye Retina, and scans results were reported to ship's CDO and COMTHIRDFLT.
  • Achieved compliance with DOD information assurance standards utilizing such items as Retina Security Scanner and Gold Disk.
  • Utilize Retina, SCC, GoldDisk, HBSS for compliancy checking and monitoring purposes.

Show More

37. Security Documentation

low Demand
Here's how Security Documentation is used in Information Systems Security Officer jobs:
  • Evaluated security documentation and authorization agreements associated with certification and accreditation.
  • Develop security documentation, including security plans, configuration management plans, and contingency plans in complains with IA policy.
  • Developed local security documentation and provided security guidance to over 260 users and administrators of multiple Joint Staff systems.
  • Designed security architectures and developed security documentation to establish configuration control, status, and accounting of information systems.
  • Conduct interviews, document examination, write security documentation, vulnerability analysis, and risk management.
  • Provide functional support for the creation and maintenance of associated security documentation packages as required.
  • Review all required security documentation and evaluate completeness of current documentation.
  • Collected and presented security documentation in response to audit requirements.
  • Maintain system's security artifacts and security documentation library.
  • Develop technical security documentation required for Certification and Accreditation.
  • Reviewed and developed security documentation.
  • Update and maintain site DIACAP accreditation package and other security documentation as needed.
  • Develop DHS mandated security documentation and enter into XACTA tool.
  • Provide guidance, support and validation of system security documentation for division Information Systems Security Officers (ISSOs).

Show More

38. Security Personnel

low Demand
Here's how Security Personnel is used in Information Systems Security Officer jobs:
  • Provide input to appropriate IT security personnel for preparation of reports to senior management concerning sensitive and/or national security information systems.
  • Provided guidance to appropriate IT security personnel for reports to higher authority concerning sensitive and/or national security information systems.
  • Collaborated with corporate security, EDS, GM, outside information security personnel, and EDS and GM auditors.
  • Received a DSS commendable rating and served as a mentor to other industrial security personnel.
  • Participate in client facing meetings and have direct contact with client security personnel.
  • Interfaced with physical security personnel to ensure the physical protection of IS assets.

Show More

39. Accreditation Process

low Demand
Here's how Accreditation Process is used in Information Systems Security Officer jobs:
  • Document and maintain system component IA baselines to support Change Management, Configuration Control, and Certification & Accreditation processes
  • Created security policy based upon the Federal Guidance in addition to Certification and Accreditation processes of systems.
  • Review and process System Security Plans and supporting documentation to process through the Certification and Accreditation Process.
  • Chaired fact-finding meetings to review contractor proposals for advanced software applications for certification and accreditation process.
  • Coordinated with program and project managers throughout the accreditation process.
  • Experienced in the certification and accreditation process.
  • Understand the Certification and Accreditation process.
  • Assist in the preparation of Information Systems Security Plans as part of the certification and accreditation process.
  • Managed the System Accreditation process for all networks.
  • Worked closely with Certifiers to navigate the DHS ICE Certification & Accreditation process and produce all appropriate accreditation documentation.
  • Managed TNet's C&A accreditation process and successfully obtained Authority to Operate (ATO) certification on every occasion.
  • Completed Certification and Accreditation processes following NIST, FISMA, and ICD 503 guidelines.

Show More

40. DSS

low Demand
Here's how DSS is used in Information Systems Security Officer jobs:
  • Perform site security self-inspections in accordance with Defense Security Service (DSS) requirements and perform other security-related functions as directed.
  • Designed and developed Boilerplate System Security Plan template for all new PL-1 information systems resulting in successful accreditation from DSS.
  • Ensured compliance with DoD/DSS NISPOM regulations resulting in favorable audits Strengthened physical security by re-organizing and streamlining company badge access system
  • Achieved the highest possible DSS Superior facility rating during the organization's annual Security Vulnerability Assessment.
  • Demonstrated security implementations to DSS and customers during annual or required inspections.
  • Conducted off-site security inspections in preparation for commendable DSS inspection ratings.
  • Support and maintain documentation for special security requirements required by GCA and DSS (Government Contracting Agency).
  • Prepared restricted area for two Defense Security Service (DSS) level inspections, resulting in zero deficiencies.
  • Participated in Defense Security Service (DSS) security reviews by ensuring IS practices were meeting standards.
  • Worked closely with FBI, NCIS, DSS agents and vendors dealing with security matters.
  • Performed weekly Security Audits to ensure compliance with Defense Security Service (DSS).
  • Maintained the posture of Information Systems in compliance with DSS/NISPOM security requirements.
  • Prepare, manage, and interface with DSS officers during an audit.
  • Standardized security templates and group policies to conform to NISPOM/DSS requirements.
  • Achieved satisfactory results on Defense Security Service (DSS) inspections.
  • Ensured compliance to NISPOM/DSS Requirements of all classified processing systems.
  • Provided mentoring to recently hired ISSP's at DSS.
  • Provided information to DSS and utilized information in JPAS.
  • Manage and coordinate Plan of Action and Milestone (POA&Ms) for DSS accredited approved classified systems.
  • Played a key role in Exelis receiving a good inspection rating on the 2012 DSS inspection.

Show More

41. Security Procedures

low Demand
Here's how Security Procedures is used in Information Systems Security Officer jobs:
  • Provided technical advice to company CEO on Information Security procedures, system architecture backup and recovery plans, and Telecommunications operations.
  • Monitor and manage information system security programs; report security incidents and formulate and recommend and apply corrective security procedures.
  • Assist with implementation and administration of Information Assurance and Information Security procedures, in accordance with established NIST/DHS guidelines.
  • Program, develop, and administer computer security procedures for computer networks operating at different levels of classification.
  • Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.
  • Ensured that system users maintained security compliance training and aware of implemented security procedures.
  • Coordinated with hospital departments and outlying clinics to establish new internal security procedures.
  • Analyzed security procedures to provide clarification to office personnel.
  • Implement and write system-specific security procedures to ensure compliance.
  • Monitor local compliance with established security procedures.
  • Developed and executed online security procedures.
  • Led 10 person team through 15 month system accreditation process, benchmark Air Force weapon system security procedures.
  • Work with FISMA team in scanning and verifying that system security procedures follow government guidance.
  • Developed and managed the Scientific Advisory Board security procedures, checklists, and maintenance.
  • Performed a wide variety of clerical duties in support of security procedures and requirements.
  • Research, develop, implement security procedures and policies in accordance with NIST Guidelines.
  • Enforced established security procedures in accordance with the DCID 6/3 and NISPOM Chapter 8.

Show More

42. Security Issues

low Demand
Here's how Security Issues is used in Information Systems Security Officer jobs:
  • Resolved security issues and implemented stronger security solutions by improving security policies, processes, and procedures
  • Educated users via email or branch/division meetings on current security issues and security awareness training.
  • Provide leadership and framework to appropriately analyze needs and respond to critical security issues.
  • Develop recommendations for security issues and vulnerabilities identified during assessments.
  • Function as an internal consulting resource on information security issues.
  • Reviewed servers for Security issues as security bulletins were released.
  • Support federal staff through policy interpretation of DOD and Army Regulations to ensure proper application to resolve various security issues.
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Participated in working groups and provided direct support to ISSM on information security issues.
  • Assess threats, risks, and vulnerabilities from emerging security issues.
  • Worked with external auditors to analyze and resolve security issues.
  • Diagnosed and troubleshot network and security issues.
  • Implemented DIACAP to address all security issues and mitigate any threat assessments in any attempt to certify and accreditate the network.
  • Address system security issues, such as user mis-use, virus threats, or any security threat whether malicious or inadvertent.
  • Subject matter expert regarding security issues and coordinates tasks of Regional ISSOs.

Show More

43. Unix

low Demand
Here's how Unix is used in Information Systems Security Officer jobs:
  • Trained and managed Help Desk personnel, provided automation troubleshooting and information support for a UNIX based network.
  • Supervised a technical staff composed of Unix, VM, Apple, Microsoft and Certified Network Engineers.
  • Conduct and document command line UNIX/LINUX security audits and analysis.
  • Conduct security audits on UNIX and Windows environments.
  • Provide UNIX and Network support for 200+ users.
  • Installed DISA security patches on UNIX servers.
  • Utilize working knowledge of UNIX/Linux.
  • Conducted weekly technical and nontechnical audits on designated Unix and Windows based information systems.
  • Managed TBMCS network suite that include Windows 2000 Servers, Solaris 8 Servers, Windows XP workstations, and Unix workstations.
  • Design, plan, and implement Novell, Windows, and UNIX shipboard Local Area Network.
  • Experience with SUN Trusted Solaris (TSOL), UNIX and Windows operating systems.
  • Planned and managed project for replacement of outdated Solaris Unix systems.
  • Collaborate with the IT staff to create a new, auditable, trackable Unix certification and continuous monitoring processes.

Show More

44. Ssps

low Demand
Here's how Ssps is used in Information Systems Security Officer jobs:
  • Review and Oversee all Information Systems Security Plans / SSPS (Certification/Accreditation).
  • Prepare manuals outlining regulations and established and implemented computer security policy including guidance documents or SSPs.
  • Author, review and update Concept of Operations (CONOPS), System Security Plans (SSPs).
  • Develop new and update existing SSPs based upon the results of the Continuous Monitoring process.
  • Developed and oversaw multiple System Security Plans (SSPs).
  • Update and review Site Security Plans (SSPs).
  • Combined SSPs to reduce overhead (8 combined).
  • Maintain documentation library of SSPs.
  • Advised and assisted with the Lifecycle C&A processes and developing System Security Plans (SSPs).

Show More

45. Comsec

low Demand
Here's how Comsec is used in Information Systems Security Officer jobs:
  • Established the Squadron information security program, maintained ADPE requirements, performed COMSEC/emission deterrence inspections.
  • Transformed COMSEC office to utilization of electronic keying material.
  • Provided annual COMSEC training to over 120 users, zero COMSEC incidents with new training program.
  • Manage numerous encryption technologies and methods as the Communication Security (COMSEC) custodian.
  • Provided Communications Security support to the TSOC in the capacity of Alternate COMSEC Custodian.
  • Conducted OCONUS material movement of COMSEC, SCI and SSO materials.
  • Conduct annual vulnerability audit scans and reported results to COMSECONDFLT.
  • Maintained checklists, informed squadron on INFOSEC/COMSEC threats.
  • Manage COMSEC material within the facility.
  • Secure communications (COMSEC).
  • Provided assistance to the Primary COMSEC Custodian in keeping meticulous records of all cryptographic equipment within our environment per NSA regulations.
  • Identified COMSEC representatives to receive and monitor the COMSEC related equipment for the HDSN with SVTC and the STEs.
  • Perform semi-annual inventory and training for both COMSEC accounts - Process SF153 transactions in CARDS for COMSEC material.
  • Configure crypto communication devices on JWICS and SIPRNET networks as Systems Administrator and COMSEC Custodian.
  • Provided COMSEC services and equipment to deplorers worldwide in support of the War fighter.
  • Inventory COMSEC and ensure crypto is up-to-date.
  • Perform crypto changeover and maintain accurate inventory for over 100 COMSEC items.

Show More

46. User Accounts

low Demand
Here's how User Accounts is used in Information Systems Security Officer jobs:
  • Created user accounts, administered and maintained Missions Blackberry program supporting 147 customers.
  • Reviewed Privileged User accounts to verify necessity of elevated rights.
  • Performed C&A activities, managed system user accounts, Privacy documentation, contingency plan and security training for users/vendors.
  • Create user accounts; provided technical support and problem resolution, upgrades, and enhancements; and closed accounts and workstations.
  • Created all user accounts to ensure that users with only the proper need to know gain access to customer information.
  • Access Control Auditing of user accounts to ensure compliance and data loss prevention with account management standards.
  • Manage user accounts and access to mission systems supporting a Global Operation, ISR weapon system.
  • Maintain and support user accounts, system monitoring and back-ups, hardware and software upgrades.
  • Address operational systems issues including file and share permissions, user accounts and installing applications.
  • Managed and maintained user accounts on JWICS, SIPRNET and UNCLASS networks.
  • Created and administered user accounts in Active Directory and Exchange.
  • Created and managed user accounts for over 700 users.
  • Create Linux user accounts for Open Research System users.
  • Set up user accounts and profiles.
  • Create and maintain user accounts.
  • Create user accounts and passwords.
  • Manage user accounts for Windows/Unix/Linux systems, reset passwords, and perform annual computer recertifications.
  • Created and administered user accounts, authenticators and other applicable actions for associated networks.
  • Provided and administered JWICS and SIPRNet networks with over 3500 NT User Accounts and Microsoft Exchange 5.5 mail boxes, cumulative.
  • Validated access of 8000+ DMLSS-W/DMMonline users, removed 454 dormant user accounts.

Show More

47. System Owners

low Demand
Here's how System Owners is used in Information Systems Security Officer jobs:
  • Advised the system owners pertaining to security considerations in applications systems procurement or development, implementation, operation and maintenance.
  • Assess client needs and expectations by continuously communicating with system owners, stakeholders and VA executive management.
  • Created Certification and Accreditation Training documentation for System Owners/Business Owners and DHS/FEMA Security Management Group representatives.
  • Assist System Owners with developing security requirements for system projects.
  • Develop risk assessment, analyze security vulnerabilities, and construct a plan of action and milestones to present to system owners.
  • Coordinated with key personnel at multiple levels of management (CIO, Region/Division/Branch Managers, System Owners, etc.)
  • Work with the system Owners to identify weaknesses in the system and recommend steps to resolve weaknesses in the system.
  • Conduct interviews with System Owners and team to gather and understand more about the system and access controls.
  • Work with System Owners to develop, provide training, and perform periodic testing of incident response plans.
  • Provide ongoing security support through POA&M updates in collaboration with Program Managers/System Owners.
  • Worked with system owners to ensure that their systems were DIACAP compliant.
  • Advised System Owners and Authorizing Officials on system security posture.
  • Develop and maintain relationships with system owners and project teams.
  • Review Nessus scan results and lead weekly vulnerability meetings with system owners to develop mitigation strategies from identified weaknesses.
  • Draft security records, approvals, denials, and requests for submittal to Information System Owners (ISO).
  • Played a leading role with remediating security control deficiencies with Federal Managers, System Owners and System Developers.
  • Provided remediation assistance to system owners to mitigate vulnerabilities identified on their systems' POA&Ms.

Show More

48. Xacta

low Demand
Here's how Xacta is used in Information Systems Security Officer jobs:
  • Maintained all documentation in XACTA Information Assurance Manager.
  • Used Sensitive System Handbook, Attachments, Enclosures, and IACS XACTA to record compliance information.
  • Manage various system security plans in NCAD and XACTA database.
  • Review and update ATO documentation using XACTA.
  • Migrate SSP's from NCAD to the XACTA database.
  • Coordinated the development of a Contingency Plan and ensured that the plan is tested and maintained in Xacta.
  • Used the Xacta tool to track system progress and system confidentiality, integrity, and availability.
  • Manage security authorization documentation within the Xacta IA Manager tool (IACS).
  • Worked with Xacta Tool for upload of relevant IS information.
  • Updated data of ICE Systems using Xacta IA Management tool.
  • Input and modification of system data using Xacta.
  • Update documents in Xacta system.
  • Assist organization with system security requirements Created CONOPS, and multiple SSPs utilizing both XACTA and NCAD databases.
  • Created and remediated Plan of Action & Milestones (POA&M) within Xacta.

Show More

49. Fips

low Demand
Here's how Fips is used in Information Systems Security Officer jobs:
  • Developed and formalized consistent structure for IT security policy based on FIPS 200 and NIST Special Publication 800-53 security controls.
  • Worked with system owner to select and establish the security control baseline, utilizing NIST SP 800-53 and FIPS 200.
  • Assisted in disabling weak ciphers and only permitting FIPS 197 Advanced Encryption Standard (AES) for CBP applications.
  • Worked with IT security team to complete the FIPS 199 as well as the quarterly OMB reports.
  • Collected all the information systems' preliminary artifacts (FIPS-199, e-Authentication, etc.)
  • Utilized NIST, DHS 4300, FIPS, FISMA and other government required documents.
  • Assist the system owner in determining system categorization in accordance with FIPS 199.
  • Standardized baseline audits, governance, compliance of FISMA, NIST, FIPS.
  • Create and maintain security documents in accordance with FIPS SP 800-53.

Show More

50. Management System

low Demand
Here's how Management System is used in Information Systems Security Officer jobs:
  • Created assets in Vulnerability Management System using Security Content Automation Protocol tool to assess assets for Standard Technical Implementation Guide compliance.
  • Correlated actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques.
  • Instituted and maintained the information management system for the control of materials to ensure government requirements compliance.
  • Expedited scheduled system changes and facilitated problem resolution by developing and implementing enterprise change management system.
  • Change management system and documentation for all hardware and software changes including OS and security-relevant software.
  • Provided information management system support for three battalions and personnel.
  • Designed and implemented Disaster Recovery Plans and Database Management system.
  • Programmed new Fixed Asset Management System to replace a Unix-based system so that work could begin on the 2000-2001 FYR Inventory.
  • Maintained and uploaded A&A artifacts in Risk Management System (RMS) and Trusted Agent FISMA (TAF).
  • Operate Electronic Key Management System, perform other information security duties, and maintain Public Key Infrastructure (PKI).
  • Utilized risk management system and trusted agent FISMA software systems to manage risk and track security posture.
  • Directed preparation of System Security Plan in TSA s Risk Management System (RMS) Tool.
  • Maintained bank website with 3rd party assistance, making minor changes via Content Management System.
  • Manage, organize and protect agency computer, security and file management systems.
  • Utilized Risk Management System (RMS)
  • Provide Indian Health Service (IHS) support; as the Resource Patient Management System (RPMS) ISSO.

Show More

20 Most Common Skill for an Information Systems Security Officer

Vulnerability Assessments10.1%
Assurance8%
Information System Security7.7%
Isso6.8%
Nist Security Policies6.6%
System Administrator6.6%
DOD5.5%
Recovery Procedures5.4%

Typical Skill-Sets Required For An Information Systems Security Officer

RankSkillPercentage of ResumesPercentage
1
1
Vulnerability Assessments
Vulnerability Assessments
6.4%
6.4%
2
2
Assurance
Assurance
5.1%
5.1%
3
3
Information System Security
Information System Security
4.9%
4.9%
4
4
Isso
Isso
4.3%
4.3%
5
5
Nist Security Policies
Nist Security Policies
4.2%
4.2%
6
6
System Administrator
System Administrator
4.2%
4.2%
7
7
DOD
DOD
3.5%
3.5%
8
8
Recovery Procedures
Recovery Procedures
3.4%
3.4%
9
9
POA
POA
3.3%
3.3%
10
10
Security Requirements
Security Requirements
3%
3%
11
11
Fisma
Fisma
2.9%
2.9%
12
12
Configuration Management
Configuration Management
2.6%
2.6%
13
13
Contingency Plans
Contingency Plans
2.6%
2.6%
14
14
Acas
Acas
2%
2%
15
15
Incident Response
Incident Response
1.9%
1.9%
16
16
Issm
Issm
1.9%
1.9%
17
17
Cyber
Cyber
1.9%
1.9%
18
18
Information Technology
Information Technology
1.8%
1.8%
19
19
Nispom
Nispom
1.8%
1.8%
20
20
Security Posture
Security Posture
1.7%
1.7%
21
21
ATO
ATO
1.7%
1.7%
22
22
Active Directory
Active Directory
1.7%
1.7%
23
23
Security Training
Security Training
1.7%
1.7%
24
24
Risk Assessments
Risk Assessments
1.6%
1.6%
25
25
RMF
RMF
1.6%
1.6%
26
26
Dcid
Dcid
1.6%
1.6%
27
27
Security Awareness
Security Awareness
1.5%
1.5%
28
28
Computer System
Computer System
1.5%
1.5%
29
29
Nessus
Nessus
1.4%
1.4%
30
30
Security Incidents
Security Incidents
1.4%
1.4%
31
31
Stig
Stig
1.3%
1.3%
32
32
Ensure Compliance
Ensure Compliance
1.3%
1.3%
33
33
DHS
DHS
1.3%
1.3%
34
34
System Security Plan
System Security Plan
1.2%
1.2%
35
35
Linux
Linux
1.2%
1.2%
36
36
Retina
Retina
1.2%
1.2%
37
37
Security Documentation
Security Documentation
1.1%
1.1%
38
38
Security Personnel
Security Personnel
1.1%
1.1%
39
39
Accreditation Process
Accreditation Process
1.1%
1.1%
40
40
DSS
DSS
1%
1%
41
41
Security Procedures
Security Procedures
1%
1%
42
42
Security Issues
Security Issues
1%
1%
43
43
Unix
Unix
0.9%
0.9%
44
44
Ssps
Ssps
0.9%
0.9%
45
45
Comsec
Comsec
0.9%
0.9%
46
46
User Accounts
User Accounts
0.9%
0.9%
47
47
System Owners
System Owners
0.8%
0.8%
48
48
Xacta
Xacta
0.8%
0.8%
49
49
Fips
Fips
0.8%
0.8%
50
50
Management System
Management System
0.8%
0.8%

53,546 Information Systems Security Officer Jobs

Where do you want to work?