This course is available as a Best Practices course or a customized course that accommodates agency-specific policies and security requirements.
This five-day course focuses on the role of the Information Systems Security Officer (ISSO) who is responsible for ensuring the security of the general support systems, major applications, and/or custom-built applications. ISSOs will learn about their responsibilities for ensuring the systems within their purview implement the local information system security policies and controls and that they maintain an acceptable level of risk throughout the system development lifecycle. It also covers the National Institute of Standards and Technology (NIST) guidance for role-based training that will assist ISSOs in performing their jobs.
The course also offers many large and small group activities to discuss and practice ISSO duties in a safe environment. Labs are also available that include hands-on activities to practice with industry-wide monitoring tools such as Hyena and Device Lock.
All of the curricula and activities are designed to provide ISSOs with knowledge, skills, tools, and practice to successfully complete the responsibilities of their position.
Perform ISSO duties as well as any local security policies
Use approved automated tools to ensure compliance with cybersecurity policies
Conduct manual reviews to ensure compliance with cybersecurity policies
Use risk-based analysis to recognize and address existing and/or new vulnerabilities, threats, and risks to local sites and/or applications
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.