Information Systems Security Officer L0 (Duluth)

AT&T - COLUMBIA, Maryland

Don't miss this opportunity to join the company recognized by Fortune magazine as the World's Most Admired Telecommunications Company and ranked #4 on DiversityInc's list of 2011 Top 50 Companies for Diversity.  
 
As the largest communications company in the world, more than 120 million customers count on us every day to deliver the wireless, Internet, data and advertising services that fuel their businesses and connect them to their world. You will find yourself connecting communications and technology with opportunities that will take you to places you never imagined.

You don't have to be a tech whiz to join AT&T. It takes more than technology to keep us ahead of the curve, and thanks to our teams of legal/operations, marketing and finance whizzes, we do just that. Every day, each works to ensure the success of the company while they advance their own careers.
 
What does it take to join us? We demand exceptional skills in your discipline and a real dedication to being the best.

After all, we're asked to keep AT&T profitable and on the cutting edge, and at the same time, build on more than a century of innovation and success. We are a world leader in communications and entertainment, and we plan to keep on growing.
 
Responsibilities include:
 

 The Information System Security Officer Level 0 provides support for a program, organization, system, or enclave’s information assurance program. Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.

  • Assists with maintaining operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
  • Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
  • Assist with the evaluation of security solutions to ensure they meet security requirements for processing classified information.
  • Performs vulnerability/risk assessment analysis to support certification and accreditation.
  • Provides configuration management (CM) for information system security software, hardware, and firmware.
  • Assist with managing changes to system and assesses the security impact of those changes.
  • Assist with the preparation and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Assessment & Authorization (A&A) packages, and System Controls Traceability Matrices (SCTMs).
  • Supports security authorization activities in compliance with the NIST Risk Management Framework (RMF) and any DoD and IC tailored requirements
Key tasks include:
  • Assist with the planning and coordination the IT security programs and policies
  • Understand the A&A process for accreditation
  • Provide support for a program, organization, system, or enclave’s IA program
  • Assist with the validation or approval of user authorization for accounts
  • Understand the authorization boundary of systems
  • Assist with the collaboration with System and Network administrators in understanding and documenting data flow and architecture diagrams
  • Knowledge of security controls, the assessment and applicability to systems
  • Assist with the maintaining the operational baseline of systems under their purview
  • Provide ongoing Continuous Monitoring to assigned systems
  • Assist with providing and validating the operational security posture of systems
  • Understand how the reauthorization process of a system is accomplished
  • Understand how a system is decommissioned when it is no longer required
  • Assist with the managing risks while assigned system is in operation
  • Ability to understand the POA&M process as well as track and closeout any outstanding liens
  •  Ability to acknowledge and respond to IAVAs and create liens as necessary
  • Assist with performing security relevant changes
  • Assist with performing vulnerability assessments to ensure updates and system baseline are enforced
  • Recognize a possible security violation and take appropriate action to report the incident
  • Manage protective or corrective measure when an IA incident or vulnerability is discovered
  • Review of audit reduction tools to monitor and review systems for compliance with IA policy
  • Excellent written and verbal communication skills
  • Excellent teamwork skills
  • Results oriented, high energy, self-motivated
  • Candidate may be required to respond to after-hours requests as required in a 24 x 7 environment

 Required Skills, Experience, and Education: Two (2) years of experience as an ISSO on programs and contracts of similar scope, type, and complexity are required. Bachelor’s degree in Computer Science or related discipline from an accredited college or university is required. DoD 8570 compliance with Information Assurance Technical (IAT), Level I or higher is required. Two (2) additional years of experience as an ISSO may be substituted for a Bachelor’s degree.

Required Certification: Any of the following or higher certification; A with Continuing Education, Cisco Certified Network Associate-Security (CCNA-Security), Network Continuing Education, System Security Certified Practitioner (SSCP)

Required Clearance: TS/SCI w/polygraph

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V
Posted: 30+ days ago

About AT&T


AT&T Logo
At AT&T, we’re bringing it all together. We deliver advanced mobile services, next-generation TV, high-speed Internet and smart solutions for people and businesses. That’s why we stand alone as a fully integrated solution provider.... more

Get more Job Training at

St John Fisher College
St John Fisher College
Visit our partner site

Featured Employers