Information System Security Officer (ISSO) - Andover, MA

RTX•Andover, MA

22h•Onsite

About The Position

The cybersecurity team is seeking an Information System Security Officer (ISSO) to support our team 100% onsite at our facility in Andover, Massachusetts. You will interface and collaborate with the Information Systems Security Manager (ISSM) to ensure adherence to all NISPOM Chapter 8, DAAPM, JSIG policies. You will be primarily responsible for system compliance, auditing, security plan development and delivering information systems security education and awareness. You will also assist in investigating information system security violations and help prepare reports specifying corrective and preventative actions. The position routinely collaborates with the facility security team, program personnel, and government representatives. Security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.) Important note: Within six months of hire date, you must obtain and maintain a Security professional certification commensurate with IAM Level I certification (Security+ or other), if you do not already have this certification.

Requirements

University Degree and minimum 2 years prior relevant experience, or an Advanced Degree in a related field
Cybersecurity, systems security or hardening
Information Technology
Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM), and/or non-defense regulations such as FAA, Payment Card Industry (PCI), ISO 9001 Quality Management standards, or HIPPA
Experience working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
Physical security/security, policework/criminal justice, investigations, or Border Patrol
Project or program management, office management, senior administration, or account management
Active and transferable U.S. government issued security clearance is required prior to start date.
U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance
Secret - Current Security Clearance
Active and existing security clearance required on day 1

Nice To Haves

Experience working in DoD classified operating and/or laboratory environments
Familiarity with cybersecurity Risk Management Framework (RMF) and compliance as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications
Experience with audit reviews such as physical security, network and system event logs, password administration, file access privileges, etc.
Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication
Ability to work independently and as a member of a team
Self-motivated and possess exceptional written and verbal communication skills, particularly in documenting evaluation results
Customer focused, adaptable and willing to work varying assignments
Completion of National Industrial Security Program cybersecurity training courses available at https://cdse.usalearning.gov/login/index.php

Responsibilities

System compliance
Auditing
Security plan development
Delivering information systems security education and awareness
Assisting in investigating information system security violations
Helping prepare reports specifying corrective and preventative actions
Collaborating with the facility security team, program personnel, and government representatives
Security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.)