eWAN Information System Security Officer (ISSO) (Onsite)

About The Position

Requirements

• Typically requires a University Degree or equivalent experience and minimum 5 years prior relevant experience, or an Advanced Degree in a related field and minimum 3 years experience.
• Experience managing and implementing security program requirements in a classified environment.
• Compliance-based auditing using the RMF, Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), National Industrial Security Program Operating Manual (NISPOM).
• Certifications equivalent to or exceeding DoD 8570.01-M IAM Level I (Security+ or other).
• Knowledge and/or experience with STIGs, SCAP, Splunk, Tenable or other system hardening and compliance, vulnerability assessment, network security and/or SIEM tools.
• Active and transferable secret U.S. government issued security clearance is required prior to start date.
• U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance.

Nice To Haves

• Experience working in DoD classified operating environments and/or in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF), NIST 800-53- Rev 4.
• Experience with Scaled Agile Framework (SAFe) work practices.
• Experience with large multi-facility networks of complex components, including Windows and Linux environments.
• Excellent oral and written communication skills with attention to detail and ability to multitask.
• Ability to adapt to rapidly changing environment and work under pressure to meet project deadlines.

Responsibilities

• Responsible for assessing and monitoring system compliance, auditing, security plan development, and delivering information systems security education and awareness.
• Assists in investigating information system security violations and preparing reports specifying corrective and preventative actions.
• Responsible for reviewing and approving configuration management requests within delegated authority, conducting technical and administrative security assessments, and performing security sustainment activities including hardware and software change management, account management, media protection, and file transfer reviews.
• Support the integration of new cybersecurity processes, procedures, and tools, assists with the creation and maintenance of cybersecurity documentation, and ensures audit records are collected and analyzed in accordance with approved security plans.
• Develop, update, and/or review Risk Management Framework (RMF) documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestone (POA&M), Risk Assessment Report (RAR), as assigned by the ISSM.
• Collaborate with CDS and peer BU ISSMs/ISSOs for alignment and sharing of best practices.

Benefits

• parental (including paternal) leave
• flexible work schedules
• achievement awards
• educational assistance
• child/adult backup care
• medical
• dental
• vision
• life insurance
• short-term disability
• long-term disability
• 401(k) match
• flexible spending accounts
• employee assistance program
• Employee Scholar Program
• paid time off
• holidays