Information Systems Security Officer (ISSO)

The Information Systems Security Officer (ISSO) will perform penetration tests and vulnerability assessments using the approved DoD vulnerability scanner, Defense Information systems Agency (DISA) Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs) and other DoD/DoN software assurance security tools. The ISSO will implement operating systems and network devices security configuration in accordance with DISA approved security technical implementation guides and Security Requirement Guides. They will also perform Cybersecurity assessment procedures, security audits and risk analysis. The ISSO is expected to develop and update Program Protection Plans, Cybersecurity Strategies, and other security related acquisition documentation in support of programs. They will ensure that security related provisions of the system acquisition documents meet all identified security needs and develop mitigation strategies for DoD information systems. Preparation of RMF artifacts and Memoranda of Agreement (MoA) with system owners for interface and networking implementations is also required.