Information Systems Security Representative (ISSR)
The Information Systems Security Representative will provide Information Technology Security Assessment and Authorization (A&A) support.
- Facilitate initial briefings and subsequent meetings of the A&A core team.
- Coordinate the completion of a BIA.
- Recommend security requirements to executive sponsors and portfolio managers during the BIA process based on generally accepted industry practices, the operating environment [e.g., hosted in the de-militarized zone (DMZ)], and the risks associated with the information resource.
- Coordinate with ISSO to determine what information resources are vulnerable to threats, what controls and countermeasures may be appropriate, and the A&A process.
- Review and evaluate A&A documentation, including the BIA, Risk Assessment, Security Plan, Security Test and Evaluation (ST&E) plan and report, and provide independent reviews of the information resource.
- Prepare the A&A Evaluation Report.
- Escalate security concerns and the forwarding of the A&A Evaluation Report and supporting A&A documentation package to the certifier.
- Work with the ISSO to complete A&A artifacts and send required artifacts (e.g., TAD and security specifications for procurements) to the ISSO.
- Other duties as assigned.
- Working knowledge of A&A process (BIAs, Risk Assessments, Security Plans, Vulnerability scans, etc.).Experience/skill in interpretation and application written policy and regulationAble to troubleshoot and prioritize needs.Knowledge of information systems security in a production environmentExcellent communications skills, both oral and writtenSecurity+ or CISSP preferredMust be able to obtain a Public Trust