CSfC Information Systems Security Officer (ISSO) III - Ramstein, Germany

About The Position

Requirements

• 7+ years of cybersecurity experience.
• 3+ years of hands-on experience supporting security monitoring, SIEM operations, or ISSO functions.
• Experience configuring and maintaining Elastic (ELK stack), Splunk, or equivalent enterprise SIEM platforms.
• Experience building and customizing security dashboards and telemetry views.
• Experience supporting DoW RMF and continuous monitoring activities.
• Experience reviewing STIGs and correlating vulnerability findings with audit logs.
• Working knowledge of NIST 800-53 Rev 5 controls, particularly AU and SI families.
• Experience with log ingestion pipelines (syslog, Winlogbeat, Filebeat, agents, or equivalent).
• DoD 8570 IAT Level II minimum (Security+ CE, CySA+, CCNA Security, etc.).
• Active Secret or TS/SCI required. Must be eligible to obtain CI Polygraph if required.
• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related discipline. Experience may be substituted for education in accordance with company policy.
• US Citizenship Required: Yes

Nice To Haves

• Experience supporting CSfC systems.
• Experience establishing monitoring visibility in newly deployed environments.
• Experience tuning alerts and reducing false positives.
• Prior experience as a System Administrator or Network Administrator.
• Elastic or Splunk certification.
• Experience conducting technical audit reviews.
• IAM Level I or II preferred.
• Elastic, Splunk, GSEC, GCIA, or similar monitoring-focused certifications desired.

Responsibilities

• Assist the ISSM in meeting assigned duties and responsibilities in accordance with DoWI 8510.01 and NIST RMF guidance.
• Conduct continuous monitoring activities for assigned authorization boundaries.
• Prepare, review, and update authorization documentation related to audit and monitoring controls.
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
• Assess the security impact of system changes and provide recommendations to the ISSM prior to implementation.
• Execute the cybersecurity portion of system self-inspections and assessment activities.
• Configure, manage, and optimize enterprise SIEM platforms including Elastic (ELK stack), Splunk, or equivalent.
• Design, build, and maintain dashboards that provide real-time visibility into: Authentication and access events Privileged user activity Administrative changes Boundary device and encryption component logs System configuration modifications Network security events
• Develop and tune correlation rules and alert thresholds to improve detection capability and reduce false positives.
• Ensure audit records are properly collected, forwarded, parsed, indexed, and retained in accordance with policy.
• Troubleshoot ingestion failures, log parsing issues, and telemetry gaps.
• Validate time synchronization and log integrity across system components.
• Provide telemetry artifacts and dashboard outputs to support internal and external audits.
• Ensure audit records are reviewed and documented, including identification of anomalies.
• Support implementation and validation of CSfC Capability Package security requirements.
• Ensure appropriate logging and monitoring of encryption components, boundary devices, and supporting infrastructure.
• Coordinate with system and network administrators to ensure monitoring requirements are embedded in system deployments.
• Provide recommendations to enhance monitoring visibility and audit compliance within CSfC enclaves.
• Support RMF lifecycle activities within eMASS.
• Maintain SSP sections related to monitoring and audit architecture.
• Review ACAS scan results and correlate findings with SIEM telemetry.
• Validate STIG implementation and audit configuration settings.
• Assist with development of assessment and authorization documentation and bodies of evidence.

Benefits

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays