Cybersecurity – Information System Security Officer (ISSO)
About The Position
Cybersecurity is currently seeking a highly motivated Cybersecurity – Information System Security Officer (ISSO) to join their team in Mesa, AZ. The selected candidate will support implementation and sustainment of DFARS/NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) controls for systems handling Controlled Unclassified Information (CUI), ensuring continuous compliance, risk management, and overall program management of a large portfolio of systems. The ISSO will develop and maintain security documentation (including System Security Plans and POA&Ms), coordinate audits and remediation with program stakeholders and assessors, and drive ongoing monitoring to protect CUI in accordance with DFARS 252.204-7012 and CMMC requirements.
Requirements
- IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC, CCP)
- 3+ years of experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
- 1+ years of experience implementing and sustaining Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012/National Institute of Standards and Technology (NIST) SP 800-171 controls and mapping to Cybersecurity Maturity Model Certification (CMMC) requirements
- Must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.
- Requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
Nice To Haves
- 3+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
- 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
- 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance
Responsibilities
- Performs security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards
- Oversees configuration management of assigned systems; auditing systems to ensure security posture integrity
- Leads staff with assessments and test/analysis data to document state of compliance with security requirements
- Conducts risk assessments and investigations, execute appropriate risk mitigations, and oversee incident response activities
- Conducts periodic hardware/software inventory assessments
- Serves as organization spokesperson on advanced projects and programs
- Acts as advisor to management and customers on advanced technical research studies
- Interfaces with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements
Benefits
- health insurance
- flexible spending accounts
- health savings accounts
- retirement savings plans
- life and disability insurance programs
- paid and unpaid time away from work
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
