Information System Security Officer, Senior (Top Secret)

About The Position

Requirements

• A bachelor's degree and more than ten (10) years of relevant experience are required.
• An associate degree plus four (4) years of additional experience performing work related to the labor category functional description may be substituted for a Bachelor’s Degree.
• An active DoD TOP SECRET clearance is required to start.
• The applicant may be subjected to a security investigation and must meet eligibility requirements for access to classified information.
• The applicant must meet the certification and clearance requirements established IAW the DoD Manual 8570-1M.
• Must have one of the following certifications to start: CISM, CISSP (or Associate), GSLC.
• Knowledgeable and proficient in Risk Management Framework (RMF) processes.
• Knowledgeable and proficient in Cybersecurity/A&A tools (i.e., eMASS, eMASSter, STIG Viewer, SCAP Compliance Checker (SCC), VRAM, and Visio).
• Knowledgeable and proficient in IT systems and subsystems.
• Knowledgeable and proficient in Rotary Aircraft systems.
• Knowledgeable and proficient in Secure Operating Systems.
• Knowledgeable and proficient in Project management.
• Knowledgeable and proficient in Written and verbal communications.
• Knowledgeable and proficient in Teamwork and collaboration.
• Knowledgeable and proficient in Working on classified systems (i.e., SIPRNet) within secure environments.
• Knowledgeable and proficient in Working on high-visibility or mission-critical aspects of a given program and performing all functional duties independently and as part of a team in NAVAIR environments.

Responsibilities

• Serving as a Lead ISSO for a designated NAVAIR program.
• Conduct Risk Assessments for US Navy RMF packages and provide recommendations to improve the Cyber Security posture through risk mitigation steps.
• Managing day-to-day cybersecurity activities for the team, including the oversight of less senior staff and their assigned responsibilities.
• Developing US Navy RMF authorization packages.
• Performing validation activities for RMC authorization packages.
• Preparing/Updating RMF documentation.
• Preparing IATTs and Use Case MFRs as required to support development and testing.
• Preparing for CyberSafe authorization in parallel with the system authorizations.
• Establishing Cybersecurity policies IAW security control implementations.
• Implementing a Cybersecurity Plan.
• Performing Cyber Tabletop exercises.
• Performing asset and vulnerability management via VRAM reporting.
• Performing vulnerability assessments and system authorization activities through collaboration with SMEs (System Administrators, Network Admins, Lab Managers, Program Managers, and ISSMs).
• Performing system security assessments.
• Evaluating and reporting software IAW DITPR/DADMS requirements.

Benefits

• Investment in employees (train, certify, educate, and build our employees).
• Experience, tuition assistance, and certifications.
• Great place to work with a small company feel.
• Paid relocation assistance.
• Competitive paid vacation package.
• 11 paid federal holidays.
• High-quality, low-deductible healthcare plans.
• Pet insurance.
• Competitive 401K package.