Job Details
**IS Security Officer (ISSO) - Security team**
CNA, 3003 Washington Blvd, Arlington, Virginia, United States of America Req #306 Monday, February 7, 2022 CNA fosters an inclusive culture that values diverse backgrounds and perspectives. Our flexible and engaging work environment encourages iterative and creative collaboration at every stage of the problem solving process. Our employees are committed to helping clients develop effective solutions to better manage their programs through scientific, data-driven approaches. We are looking for creative and innovative individuals to help carry out our mission. **PRIMARY PURPOSE**
This position serves as the Information System Security Officer (ISSO) for the corporate headquarters office at CNA. The position is responsible for assisting the Information System Security Manager (ISSM) in maintaining risk management framework (RMF) network systems across CNA. The ISSO will also maintain multi-user standalone systems and other local networks supporting two or more components of overall Information Technology systems.
**JOB DESCRIPTION AND/OR DUTIES**
1. Implements and optimizes security monitoring, event correlation, compliance and alerting solutions. Performs regular audits of all networked devices (including desktop computers, laptops, servers, and handheld devices) utilizing vulnerability scanners and similar tools. Scans for unauthorized networks (including wireless) and prevents systems from bridging networks.
2. Performs and assists with certification and accreditation (C&A) and risk assessment activities. Generates compliance reports and disseminates information to pertinent staff for remediation. Creates, maintains and monitors compliance of security policies, procedures and manuals.
3. Responsible for maintaining and utilizing information security architecture. Evaluate new security hardware and software by actively researching and implementing mitigation procedures to reduce security risk to the network.
4. Participates in Computer Security Incident Response Team activities. Respond to, analyze, and resolve IT Security incidents. Assist the Information System Security Manager (ISSM) with disseminating incident reports. Conducts internal investigations on matters concerning security violations, misconduct, and other charges. Consult with and support the Compliance Committee on internal investigations, as require.
5. Assist the ISSM with the development, implementation and administration of the CNA corporate wide security education and awareness programs focusing on IT Security training, to include phishing campaigns, physical and operational security (OPSEC) sessions, and training for employees, consultants and/or subcontractors.
6. Assist the ISSM with management and execution of the information security program, physical security program in full accordance with NISPOM, DAAPM, NIST 800 series, and other DoD, Navy security regulations and publications.
7. Assist the ISSM with security classification reviews by analyzing internal and external sources to determine classification levels are accurate, adequate and provide proper handling instructions IAW DoD Navy, Marine Corps, and other government agencies.
8. Assist the ISSM as needed on special projects and may lead special projects as assigned. Perform other duties as assigned.
9. Perform other duties as assigned.
**JOB REQUIREMENTS**
1. Education: Bachelors degree in Computer Science, Management Information Systems, Computer Security, Information Assurance, or equivalent qualified security experience. Advance degree is a plus. At least one of the following certifications in IT Security at the time of hire is required: CAP, GSLC, Security+, CISM, CASP CE, or CISSP.
2. Experience: Minimum of 6 years of progressive experience in IT security and related technologies. Experience of 3 years with classified computing is required.
3. Skills: Must have proven customer service skills; ability to analyze vulnerability scans using Nessus, SecurityCenter, HBSS and ACAS (among others); computer literacy and proficiency; presentation skills; excellent oral and written communication skills; Familiarity with standards such as, NIST, DIACAP, FISMA, and working knowledge of the NISPOM, JFAN, JPAS, ICDs and Navy Information; excellent interpersonal skills; ability to manage small projects.
4. Other: Ability to lift 20 lbs. (e.g. computer and AV equipment), walk (to end user stations) and bend (to install and connect equipment).
5. **Active Secret security clearance required at the time of hire** with the ability to obtain and retain a Top Secret security clearance.
----------------------------------------------------------------------------
*****Voluntary (but highly desired) document*****Please include a personal statement as part of your application. A personal statement is a chance for us to get to know you. The statement is your opportunity to share your goals, interests, influences and show us that you will be a valuable asset to our organization. Please click here for personal statement guidelines *Personal statements will not be used as an elimination criteria for this position. They will only be used to enhance a candidates application*
#CJ
CNA is committed to providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service and protected veterans, or other non-merit based factors. In addition to federal legal requirements, CNA complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. These protections extend to all terms and conditions of employment, including recruiting and hiring practices, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training and career development programs. For more information about EEO protections, please view the EEO is the law posters below: "EEO is the Law" Poster; "EEO is the Law" Poster Supplement. The pay transparency policy is available here: Pay Transparency Nondiscrimination Poster To be considered for hire, all individuals applying for positions with CNA are subject to a background investigation. For positions requiring access to classified information, U.S. citizenship is required. Individuals will also be subject to an additional government background investigation, and continued employment eligibility is contingent upon the ability to obtain and maintain an active security clearance. **Other details**
* Job Family Information Technology
* Job Function Career Path III - Professional