Information System Security Officer 3 (ISSO3) with Security Clearance

Qualifications:
+Doctoral degree plus 4 years of relevant experience, OR
+Master's degree plus 6 years of relevant experience, OR
+Bachelor's degree plus 8 years of relevant experience, OR
+Associate's degree plus 10; or 18 semester hours of military coursework/training in a computer-related field plus 10 years of relevant experience, OR
+High School diploma/GED plus 12 years of relevant experience. Degree in Information Assurance, Information Security, Information Systems, Information Technology, Computer Networking, Information Science, Cyber Security, or related is preferred. Relevant experience must be in information systems design, development, programming, information/computer/cyber/network security, vulnerability analysis, system auditing, penetration testing, computer forensics, computer systems research, and/or systems engineering (i.e., requirements analysis, design, implementation, testing, integration, deployment/installation, and maintenance). Experience in the Risk Management Framework (RMF), Information Systems Security technologies, IT policies, and ability to interpret policies and directives is desired. Network and system administration may be used to meet the relevant experience requirement. Continued assignment to this work role is contingent upon compliance with NSA's Cyberspace Workforce Improvement Program (CWIP) per NSA/CSS Policy 6-34; Information Assurance Manager (IAM) Tier 1 certification requirements must be met within 6 months of assignment to the position. Maintaining certification status is required through continuous education training or sustainment training while serving in this work role. General LCAT Description: The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture is maintained for an information system (IS). ISSO responsibilities support the Secure the Enterprise (STE) / Secure the Network (STN) effort by continuously monitoring all NSA/CSS networks to detect and correct areas of security non-compliance, unmitigated vulnerabilities, and other risks in order to prevent insider threats and adversary activity. ISS0s, across the cryptologic enterprise, follow consistent security processes and play a critical role in the Information Systems Continuous Monitoring (ISCM) Program to support the agency's need to continuously operate its information assets within an acceptable level of risk and coordinate a proactive response as the threat environment changes.