About The Position

Quindar builds modern, cloud-native satellite mission operations software with a simple mission: to operate satellites like servers. Our platform replaces fragmented, legacy ground systems with an integrated, automation-driven approach that brings modern software velocity to space operations. We're a small, fast-moving team with deep aerospace and software roots, energized by big challenges and motivated by the impact we have on real missions in this next chapter of the Space Age. If you want to work with sharp, ambitious people who push boundaries, move quickly, and are excited to take space operations to the next level, Quindar is the place to do it.

The Information Systems Security Officer (ISSO) is responsible for establishing, implementing, and maintaining information security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of information systems. The ISSO will work through the Risk Management Framework (RMF) Steps 1-6 to initially obtain and thereafter maintain necessary Interim Authority to Test (IATT)/Authority to Operate (ATO) decisions for Cloud-Based classified systems from the Cognizant Authorization Officials (AO), including Space AO and Defense Counterintelligence Security Agency (DCSA). The ISSO must adhere to CNSSI 1253, NIST SP 800-53, NIST SP 800-60, and other Federal Regulations to build out policies and procedures that enforce an effective, secure, and compliant Information Security Program, working closely with the ISSM and FSO in these efforts.

Requirements

  • US Citizenship
  • Clearance: Must have Active SECRET Clearance, TS/SCI preferred.
  • Education: Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Experience: 5+ years of experience in information security with Space AO and DCSA.
  • Proven experience in leading the management and implementation of an Information Security Program.
  • Technical Skills:
      • Strong understanding of security frameworks and standards for RMF, CNSSI, and NIST.
      • Proficiency in security tools and technologies, such as SIEM, IDS/IPS, STIG Hardening, and vulnerability management solutions.
      • Exposure to technologies and concepts including Kubernetes Containerization, AWS Secret Environment and Tooling, CI/CD pipelines, and Secure Network Architecture.
  • Certifications: Must have IAT Level II Certification (CompTIA Sec+ or Comparable) or preferred IAT Level III (CISSP, CISM, or Comparable).
  • Soft Skills:
      • Excellent communication and interpersonal skills.
      • Strong analytical and problem-solving abilities.
      • Ability to manage multiple projects and priorities in a fast-paced environment.
  • ITAR Requirements:
      • To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State.

Responsibilities

  • Security Policy Development and Implementation:
      • Develop and enforce information security policies, standards, and procedures in accordance with CNSSI 1253, NIST SP 800-53, and other applicable Space or Federal regulations.
      • Ensure that security policies are up-to-date and reflect current threats and vulnerabilities.
  • Risk Management and Assessment:
      • Conduct regular risk assessments and vulnerability assessments to identify potential security threats.
      • Implement risk mitigation strategies and manage the risk management framework.
  • Compliance and Audit Management:
      • Ensure and maintain IATT and ATO requirements through the RMF Steps.
      • Prepare for and execute formal assessments with Government Security Control Assessors in support of achieving and maintaining ATOs.
      • Exercise Continuous Monitoring of employed security controls to ensure comprehensive and effective implementation over time.
  • Incident Response and Management:
      • Develop and maintain an Incident Response Plan, partnering with Government Customers/Prime/Subcontractors for reporting procedures.
      • Lead incident response activities, including investigation, containment, and remediation of security incidents.
      • Investigate and adjudicate SIEM events.
  • Security Training and Awareness:
      • Develop and conduct security training and awareness programs for Users on classified Information Systems.
      • Ensure all personnel are aware of their security responsibilities and understand the importance of maintaining security standards.
  • System Security Plans (SSPs):
      • Create and maintain System Security Plans within eMASS (SECRET and/or UNCLASS), collecting all required artifacts (Compliance and Vulnerability reports, documented Policies/Procedures, etc.).
      • Ensure that SSPs are regularly reviewed, updated, and compliant with regulatory requirements.
  • Collaboration and Communication:
      • Work closely with IT System Admins, compliance, and other departments to ensure cohesive and comprehensive security strategies.
      • Serve as a point of contact for security-related issues and provide guidance and support to other teams.
  • Continuous Improvement:
      • Stay up-to-date with the latest security trends, technologies, and regulatory requirements.
      • Continuously improve security measures and processes to protect information systems effectively.

Benefits

  • We work in a cutting-edge industry, and you will get the opportunity to be part of a small team with a large direct impact on the success of our customers’ space missions!
  • We take work-life balance very seriously. We require employees to take 15 days off but provide unlimited PTO and follow most US federal government holidays.
  • Mental health is just as important as physical health, so we provide quarterly health & wellness benefits.
  • Comprehensive health insurance for you and your family with 100% coverage for employees.
  • We encourage employees to save for retirement and provide 4% 401(k) matching.
  • Each quarter we have a 4-day company offsite. Previous locations include San Francisco, Nashville, Denver, Santa Fe, New Orleans, San Diego, Bozeman, and New York City.
  • Our culture and company are evolving. You will be key in creating the next major or minor version!