Information Systems Security Officer/Certified Safety and Security Officer (ISSO/CSSO)
We are seeking a dedicated and self-directed ISSO/CSSO to join our team here in Pittsburgh, PA. The ISSO/CSSO is responsible for providing comprehensive security support across various functions, with a strong focus on developing, implementing, supervising, and maintaining a robust security program. The ideal candidate should have experience in CSSO/FSO security management, ISSO experience in accrediting and managing information systems, and a thorough understanding of security protocols and procedures.
CSSO Responsibilities
Experience with DISS and NBIS.
Experience running a security program that will protect information and operations commensurate with the level of classification of the program.
Prepare and maintain security accreditation documentation for the facility and mitigation plans.
Administer and maintain employee clearances, access credentials, visit certifications, badges, access control, document control, briefings, debriefings, security database records, onboarding processes, and process Visitor Access Requests (VARs)/validate visitor clearances.
Perform aspects of personnel security to include nomination interviews, validation of access requirements, submission of investigative requests and nomination packages.
Accountable for controlling, transmitting, packaging, and safeguarding COMSEC information, and for administering periodic software and cryptographic key updates.
Manage and ensure the security of classified programs, including personnel, information, and physical security, in compliance with regulatory requirements.
Implement security measures to safeguard personnel, facilities, and information, adhering to the 32 CFR Part 117, The Rule (NISPOM), Intelligence Community Directives (ICDs), Security Executive Agent Directives (SEADs), and other relevant regulations.
Build and maintain strong working relationships with government customers and internal teams, to ensure consistent security policies and practices across the organization. Provide guidance and oversight to defense contractors to maintain security integrity.
Lead the preparation and successful completion of security inspections and audits by government agencies and internally (self-inspections). Implement corrective actions when necessary.
Monitor and ensure compliance with government and company security policies, particularly regarding special security programs. Ensure compliance with Facility Intrusion Detection Systems (IDS) and coordinate necessary maintenance.
Provide guidance on physical security, industrial security, and contractor clearance processes.
Prepare DD 254s.
Collaborate on security education, awareness, and training programs.
Investigate and track security incidents while implementing corrective measures.
ISSO Responsibilities
Provide the detailed knowledge and expertise required to manage the security aspects of an IS. Maintain responsibility for the day-to-day security operations of the system. Responsibilities may also include:
Security Control Validation Visits
Secure Configuration and Change Management
Event Management
Account Management
Vulnerability Management
Security Incident Management
POA&M Management
Reauthorization
Decommissioning
Collaborate with the System Owner to maintain Approval to Operate (ATO), including the resolution of any Plans of Action & Milestones (POA&M) documents issued by the DAO.
Maintain and validate account and vulnerability management.
Develop and provide updated System Security Plans (SSPs) and support documentation (e.g. SECONOPs, diagrams, Privileged User’s Guide).
Provide security design guidance and analysis to the project team throughout the Risk Management Framework (RMF) process.
Perform reviews of technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommended mitigation strategies.
Utilize XACTA, the system of record for SCA data.
Basic Qualifications
Bachelor’s degree plus 3 years of relevant experience. Will consider candidates with no bachelor’s degree with desired experience.
U.S. Citizenship required.
Ability to commute into our Pittsburgh, PA office 2-3 times a week.
Qualifications
CSSO & ISSO Experience
SCI facility experience
Proficiency with DISS, NBIS, SWFT, and XACTA
Proven leadership ability and excellent communication skills
Military experience is not required but is a plus
Clearance Requirements
Department of Defense TS/SCI with polygraph is required at time of hire.
Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
AAP/EEO
RCS is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status, or any other characteristic protected by law.
