Associate Information System Security Officer (ISSO)
About The Position
Moog is seeking an Associate Information Systems Security Officer (ISSO) to support the Information Security Manager. This role involves the operation, accreditation, maintenance, and auditing of Information Systems (IS) that process classified information. The primary goal is to maintain the operational security posture in accordance with system security plans and governing policies, including the DCSA Assessment and Authorization Process Manual (DAAPM) and the National Industrial Security Program Operating Manual (NISPOM Rule). This position is based at Moog's headquarters in East Aurora, NY, with a hybrid work schedule.
Requirements
- Bachelor’s degree in information technology, Computer Information Systems, or related field is preferred.
- Minimum of three (3) years’ experience in Information Assurance.
- Knowledge of policies such as DAAPM, NISPOM Rule, JSIG, ICD 503, RMF, and NIST Special Publications.
- Proficiency with using vulnerability scanning, auditing, SIEM, DLP, and hardening tools such as Nessus, SCAP Compliance Checker (SCC), USB Device Control, STIGs, Windows GPOs (importing, testing, implementing, modifying, exporting), and PowerShell scripts for automated and routine tasks.
- Proficiency with performing data transfers and knowledge of data transfer procedures.
- Appropriate US Security Clearance (Secret/Top Secret) or ability to meet the requirements to attain and maintain a clearance.
Nice To Haves
- COMSEC-related experience is a plus.
Responsibilities
- Prepare, update, and maintain Risk Management Framework (RMF) documentation such as Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Standard Operating Processes (SOP), and Plan of Actions and Milestones (POA&Ms) for all classified networks and systems.
- Assist in the regular auditing, updating, and continuous monitoring of Information Systems (IS) to ensure security controls are implemented and maintained according to RMF/ATO.
- Assist in maintaining a complete inventory of IS, including software and peripheral hardware.
- Assist Data Transfer Agents (DTA) and Facility Security Officer (FSO) in performing file transfers using removable media, adhering to Assured File Transfer (AFT) policy and procedures.
- Coordinate with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO) for all Configuration Management (CM) changes and modifications to IS software and hardware.
- Identify and assess device classification risks and determine appropriate risk mitigation safeguards to maintain security posture.
- Assist in scheduling, performing, and maintaining records of required IS auditing, patching, maintenance, configuration management changes, and scanning based on evolving threats/vulnerabilities and customer compliance requirements.
- Work with System Administrators (SA) to configure and maintain IT components and infrastructure in compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and DoD cyber security requirements.
- Ensure ISs are operated, maintained, and properly disposed of in accordance with security policies and procedures.
Benefits
- annual bonuses
- employee stock purchase plan
- open paid time off policy
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
