Information System Security Officer (ISSO)

HX5, LLC•Ogden, UT

13d•Onsite

About The Position

HX5 is an award-winning provider of engineering, research and development, and technical services to clients such as NASA and the Department of Defense. Founded in 2004, HX5 is a fast-growing veteran- and woman-owned company with locations nationwide. HX5 is currently seeking a qualified Information System Security Officer (ISSO) to join the team at Hill Air Force Base in Ogden, UT. Essential Duties and Responsibilities: The Contractor shall be able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, artifact creation development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Support the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF). Provide support for the configuration and artifact creation for IS and or Platform Information Technology (PIT) systems in accordance with applicable guidance for RMF accreditation. Recommend or help create policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Assist the ISSM with conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Conduct systems security evaluations, audits, and reviews. Work with the ISSM to create individual systems security contingency plans and disaster recovery procedures. Create and implement programs to ensure that individual IS or PIT systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures created by the ISSM. Participate in network and systems design to ensure implementation of appropriate systems security policies to include artifact creation for RMF activity. Facilitate in the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes and or investigations related to failure to follow security policy. Ensure the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.

Requirements

Must have one of the following combinations of education and experience: Master’s degree and ten (10) years of directly related experience, five (5) of which must be in the DoD. Bachelor’s degree, and twelve (12) years of directly related experience, five (5) of which must be in the DoD. OR fifteen (15) years of directly related experience, eight (8) of which must be in the DoD.
DoD 8570 compliant IAT Level I or II certification, and includes certifications such as: CompTIA Security+, CompTIA Cloud+, Security Leadership Certification (GSLC) is required.
Proof of U.S. Citizenship or U.S. Permanent Residency is a requirement for this position.
Must be able to complete a U.S. government background investigation.
Must be able to obtain a Secret clearance.
Must be able to travel, including air travel.

Responsibilities

ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, artifact creation development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
Support the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF).
Provide support for the configuration and artifact creation for IS and or Platform Information Technology (PIT) systems in accordance with applicable guidance for RMF accreditation.
Recommend or help create policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
Assist the ISSM with conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
Conduct systems security evaluations, audits, and reviews.
Work with the ISSM to create individual systems security contingency plans and disaster recovery procedures.
Create and implement programs to ensure that individual IS or PIT systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures created by the ISSM.
Participate in network and systems design to ensure implementation of appropriate systems security policies to include artifact creation for RMF activity.
Facilitate in the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes and or investigations related to failure to follow security policy.
Ensure the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.