Information System Security Officer (ISSO)

KBR•Patuxent River, FL

1d•Remote

About The Position

KBR’s National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our national security. KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions. Be part of a dynamic team that thrives on collaboration and innovation, fostering a supportive and intellectually stimulating workplace. Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense The successful candidate will provide support to the Test Resource Management Center’s (TRMC) All Domain Test Range (ADTR) and INDOPACOM Pacific-Rim Multi-Domain Training and Experimentation Capability Team, Joint Mission Environment Test Capability (JMETC) Secret Network (JSN) Node, JMETC Multiple Independent Levels of Security Network (JMN) Node, Secret Defense Research and Engineering Network (SDREN), Defense Research and Engineering Network (DREN). In this role, you will be a critical part of our team responsible for evaluating customer requirements pertaining to complex technical challenges. The successful candidate will assist with providing solutions to complex problems in a manner which meets both functional and security requirements. You will be responsible for keeping the team’s computing environment operational and in compliance with all TRMC directives and applicable RMF requirements. To do this, you will frequently collaborate with other distributed team members to discuss current system status and plan desired future enhancements. The ideal candidate will have a blended skill set with a strong background in both systems administration and cybersecurity. This individual will possess experience in Windows and Linux server management, Active Directory, Security Technical Implementation Guides (STIGs), and virtualization technologies. This role is critical in ensuring the integrity, confidentiality, and availability of our information systems within a Department of Defense (DoD) environment.

Requirements

Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
Certifications: CISSP, CISM, CASP, Security+
Security Clearance: Active TS/SCI
Experience: Minimum 10 years of system administration or cybersecurity-related experience, specifically within DoD environment.
Technical Skills: Proficient in Windows server and Linux server management, including installation, security policies, configuration, and troubleshooting.

Nice To Haves

Education: Master’s degree in computer science, Information Technology, Cybersecurity, or related field. Advanced degrees or certifications (CISSP, CISM, CASP, Security+)
Virtual Desktop Infrastructure: Horizon, UAG, Provision and Maintain VM pools
Client Support: Solid understanding and experience supporting zero/thin clients
Risk Management System Support: Experience supporting systems within a DoD Risk Management Framework (RMF) accredited environment.
SIEM Solutions: Splunk, SolarWinds, etc.
Skills: Coordination, Communication and Presentation skills Functionality: Layer 2/3 Networking experience Firewall experience DoD 8570 certifications: Security+, CISSP, Computing Environment
DoD Network experience: Experience working with DoD Wide Area Networks and familiarity with various network architectures and common protocols to include: Experience working with Defense Research and Engineering Network (DREN) Experience working with the Secret Defense Research and Engineering Network (SDREN)
EPO (Trelix) experience – policy, agent updates, compliance dashboards, ACAS experience – scanning, reporting, compliance dashboards

Responsibilities

Security Management: Develop, implement, and maintain security policies, procedures, and standards to safeguard organizational information systems.
Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate potential threats.
Monitor security alerts and logs to respond to incidents in a timely manner, ensuring compliance with DoD regulations.
Manage Privileged Access Management (PAM) solutions to ensure secure access control for sensitive systems and data.
Filter and generate reports from Security Information and Event Management (SIEM) tools to provide insights into security incidents and trends.
Respond to JFHQ-DODIN issued orders, such as Cyber Task Orders (CTO).
Participate in DoD mandated Zero Trust efforts (initiatives, planning, testing, and implementation).
Risk Management Framework (RMF) Compliance Apply RMF principles to assess and manage risk associated with information systems, including categorization, selection of security controls, implementation, assessment, authorization, and continuous monitoring.
Collaborate with stakeholders to ensure all systems are RMF-compliant and maintain relevant documentation.
Training and Awareness Develop and conduct security training programs for staff to enhance awareness of information security best practices and organizational policies.
Function as a security advisor to other departments, providing guidance on secure system design and implementation.
Documentation and Reporting Maintain comprehensive documentation of security processes, incidents, and remediation efforts.
Prepare and present reports on security posture, vulnerabilities, and incident response efforts to senior management and other stakeholders.