BACKGROUND
The National Biodefense Analysis and Countermeasures Center (NBACC) is a one-of-a-kind facility dedicated to defending the nation against biological threats. Its work supports DHS and National biodefense preparedness planning, response, emerging threat characterization and bioforensic analyses. It is the first national laboratory created by DHS in response to biodefense gaps identified following the Amerithrax attacks of 2001 and has been operated by the Battelle National Biodefense Institute (BNBI) since 2006. Since its inception, NBACC and its staff have filled critical shortfalls in our scientific knowledge of biological agents needed to protect the public and defend the Nation from biological threats, whether naturally occurring, accidental, or deliberate and provided federal law enforcement with scientific data to support the investigation and attribution of biocrimes and protection of the US bioeconomy.
NBACC includes two centers: the National Bioforensic Analysis Center (NBFAC), which conducts the technical analyses in support of federal law enforcement investigations, and the National Biological Threat Characterization Center (NBTCC), which conducts experiments and studies to obtain data required for a better understanding of biological vulnerabilities and hazards. Together these centers offer a unique national resource for understanding the risks posed by biological agents and emerging technologies to inform biodefense policy and response planning and the operational capability to support the investigation, prosecution, and prevention of biocrimes and bioterrorism.
PRIMARY FUNCTION
The Information Systems Security Officer (ISSO) advises the Network Security Manger (NSM), IT Manager, and System Owner on NBACC Information Systems Security matters for systems assigned. Focuses on ensuring that NBACC IT Systems are compliant with DHS information security policy, rules and requirements, and for completing system and network Certification and Accreditation (C&A) requirements. Supports the NSM to ensure implementation of an Information Security Program is maintained throughout NBACC.
MINIMUM REQUIRED QUALIFICATIONS
* Bachelor's Degree (or equivalent), preferably in Cybersecurity and/or Computer and Information Systems related studies. * A minimum of 3 years of cybersecurity related experience is required, primarily as an ISSO. Federal Information Security Modernization Act (FISMA) Policy and Compliance experience is strongly desired. * Certified Information Systems Security Professional (CISSP) is preferred, although other Security certifications will be considered. * Experience with security technologies including Vulnerability Scanning, Firewalls & Log Analysis, Host-based detection tools, Security Event and Incident Management (SEIM), Antivirus, Network Packet Analyzers, malware analysis and forensics tools. * Experience in analyzing audit logs, router logs, firewall logs, IDS logs and TCP/IP headers. * Ability to interpret, analyze, and report significant event findings and anomalies in accordance with Computer Network directives. * Must be pro-active, a self-starter, and independent. * Skills and experience to support laboratory activities and work in accordance with NBACC's management system (e.g., ISO). * Must be a citizen of the United States, able to obtain and maintain an interim secret clearance leading to a top-secret clearance and suitability for DHS. TS/SCI clearance is required. * Participation in the Medical Surveillance Program and enrollment in the Personnel Reliability Program (PRP) is required. * May be required to participate in NBACC's alternative work schedule and/or on-call schedule, dependent upon business needs.
PRIMARY RESPONSIBILITIES
* Serves as the principal point of contact for all IT security aspects pertaining to the IT systems for which the ISSO is responsible. * Works closely with the Component ISSM and DHS CISO staff, as appropriate, to interpret and apply IT security policies and procedures. * Ensures that the Network Security Manger and IT Manager are kept apprised of all pertinent matters involving security or non-compliance of IT systems. * Works with other ISSOs and the Network Security Manager as needed in order to maintain, enhance and optimize the technologies that are currently deployed within the organization. * Works with system owners to document system vulnerabilities and weaknesses in Plans of Action and Milestones (POA&Ms) and to initiate corrective actions. * Employs automated tools approved by the DHS CISO, such as Nessus, SwimLane, and CrowdStrike. * Ensures that all NBACC personnel receive computer security awareness training. * Maintains all documentation and security artifacts detailing the information systems purpose, implemented controls, inventory of hardware, firmware, and software configurations and other security relevant details. Develops and maintains the system security plan for every IT system assigned. * Evaluates proposed modifications to assigned NBACC information systems and provides input to the NSM on the impact of system changes to security. * Assists in the development of system modifications and system change proposals. * Must be a team player, communicate clearly, be open to hearing ideas and suggestions from others, diffuse situations, and exercise empathy and patience with colleagues. * Must have the ability to multi-task, maintain composure under pressure, and utilize effective time management skills to prioritize tasks. * Must be a self-starter driven by an eagerness to succeed, maintain flexibility, adapt to change in a productive and positive manner, learn new concepts, and utilize critical thinking to resolve complex problems. * Maintains appropriate records. * Performs other duties as assigned/authorized.
BNBI is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
|