Information System Security Officer (ISSO)

About The Position

Requirements

• Bachelor's degree in computer, information systems management or related field from an accredited college or university or equivalent experience.
• 4 years' experience as an ISSO.
• Experience with DOD 8500.01, Risk Management Framework (RMF) requirements, and drafting, submitting, and maintaining RMF packages.
• Experience with Joint Special Access Program (SAP) Implementation Guide (JSIG) packages.
• Experience in developing and maintaining RMF Documents including System Security Plans (SSP), System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts.
• Experience in developing Plan of Action and Milestones (POA&M).
• Knowledge of independent verification and validation techniques.
• Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies.
• A current Information Assurance Manager (IAM) Level I (CAP, Security+ CE) or comparable certification in accordance with DoD 8570.01-M.
• A current Secret clearance with eligibility to receive a TS/SCI, or have a Background Investigation completed within the last 6 months.

Nice To Haves

• IAM Level II (CAP, CASP, CISM, CISSP) or comparable certification in accordance with DoD 8570.01-M.
• Knowledge in monitoring and conducting Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG.
• Understanding of maintenance and inventory process for information Security Systems.
• Experience in coordinating with Leadership across the organization to ensure timely compliance.
• Experience in developing waivers and exceptions for information system vulnerabilities.
• Knowledge of quality assurance, quality control, and independent verification and validation techniques.
• Experience working in a corporate environment and with a diverse user population and a global enterprise.

Responsibilities

• Serve as an Information Systems Security Officer (ISSO) at our Beavercreek, OH Area location working with the Site IA in support of a KBR Information Systems.
• Perform extensive assessments of systems and networks within the networking environment or enclave and identify deviations from acceptable configurations, enclave policy, or local policy.
• Conduct passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
• Perform Information Assurance and IT Security tasks to ensure the secure operation of the KBR information systems as part of the KBR Information Assurance Operations team.
• Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems.
• Assist in the implementation of required government policy (i.e., JSIG, NISPOM, SP-800-171, SP-800-53, RMF) for site-hosted information systems and make recommendations on process tailoring.
• Perform extensive analyses to validate established security requirements and recommend additional security requirements and safeguards.
• Conduct periodic reviews of each system's audits and monitor corrective actions until all actions are closed.

Benefits

• 401K plan with company match
• Medical, dental, vision, life insurance, AD&D
• Flexible spending account
• Disability
• Paid time off
• Flexible work schedule
• Support for career advancement through professional training and development