Information System Security Officer, Classified Cybersecurity

About The Position

Requirements

• Current Top Secret/SCI clearance
• DoD 8140/8570 IAT Level II certification (Sec+) or higher
• Knowledge of multiple vendor operating systems security requirements
• Hands-on experience with industry standard Information Assurance tools
• Hands-on auditing and investigation experience
• Experience with RMF
• Have a Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.

Nice To Haves

• Experience with obtaining and maintaining system Authority to Connect (ATO).
• Experience implementing new and complex technologies at multiple classification levels within large enterprise environments.
• DoD 8140/8570 IAM Level III certification.
• Ability to understand information systems equipment configurations.
• Experience working Assessment & Authorization (A&A) to completion.
• Experience with Graylog or Splunk.
• Experience with RHEL and Windows.
• Experience with Cisco and/or Juniper network devices.

Responsibilities

• Oversee day-to-day information system (IS) security operations including hardware and software implementations.
• Fulfill appointed Media Custodian role as requested/directed by the customer.
• Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily RMF.
• Auditing of the IS.
• Upkeep, monitor, analyze, and respond to network and security events.
• Document compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M) with the Information Systems Security Manager (ISSM) to address non-compliance in the allotted time frame.
• Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.
• Ensure configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented in accordance with baseline.
• Ensure all information system security-related documentation is current and accessible to properly authorized individuals.
• Ensure records are maintained for workstations, software, servers, routers, firewalls, network switches, telephony equipment, etc. throughout the information system's life cycle.
• Evaluate proposed changes or additions to the information system, and advise the ISSM of their security relevance.
• Assist and conduct security IS education.
• Participate in internal/external security audits/inspections; perform risk assessments.
• Inform ISSM on technical IS security matters.
• Assist in conducting investigations of computer security violations and incidents, reporting as necessary to both the Program Security and Program Managers.
• Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered.
• Communicate, implement and manage a formal Information Security/Information Systems Security Program together with ISSM and Program Security.
• Implement and enforce Information Security Policies and Procedures together with ISSM and Program Security.
• Review and oversee RMF Package authorizations with the ISSM.

Benefits

• Medical
• Dental
• Vision
• Life Insurance
• Short-Term Disability
• Long-Term Disability
• 401(k) match
• Flexible Spending Accounts
• EAP
• Education Assistance
• Parental Leave
• Paid time off
• Holidays