Poly

Amentum•Hanover, MD

13h•Onsite

About The Position

Amentum is seeking an Information Systems Security Officer (ISSO) 2 for a new prime contract that is based out of our Maryland office. This role is crucial for providing support to a program, organization, system, or enclave's information assurance program. The ISSO will be responsible for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. They will maintain the operational security posture for information systems, ensuring policies and procedures are established and followed, and assist with the management of security aspects of the information system, performing day-to-day security operations. The role also involves evaluating security solutions to ensure they meet requirements for processing classified information, performing vulnerability/risk assessment analysis to support security authorization, and managing configuration for information systems security software, hardware, and firmware. Change management and assessing the security impact of changes are also key responsibilities. The ISSO will prepare and review documentation such as System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs), and support security authorization activities in compliance with the NIST Risk Management Framework (NIST RMF).

Requirements

Eight (8) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required.
Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques.
Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.
TS/SCI Poly clearance required.

Nice To Haves

Bachelor's degree in Computer Science, Cyber Security, IT Engineering or related field is required. In lieu of a Bachelor's degree, four (4) additional years of work-related experience may be substituted for a total of twelve (12) years.

Responsibilities

Provide support for a program, organization, system, or enclave's information assurance program.
Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
Evaluate security solutions to ensure they meet security requirements for processing classified information.
Perform vulnerability/risk assessment analysis to support security authorization.
Provide configuration management (CM) for information systems security software, hardware, and firmware.
Manage changes to system and assess the security impact of those changes.
Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Assist to preparation and maintenance of documentation.
Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information.
Assist with Configuration Management (CM) for information system security software, hardware, and firmware.
Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.
Propose, coordinate, and implement information systems security policies, standards, and methodologies.
Develop and maintain documentation for Security Authorization in accordance with ODNI and DoD policies.
Provide CM for security-relevant information system software, hardware, and firmware.
Ensure compliance with system security policy.
Maintain operational security posture for an information system or program.
Provide support to the information System Security Manager (ISSM) for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclave.
Develop and update the system security plan and other Cybersecurity documentation.
Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
Track and ensure appropriate user identification and authentication mechanism of the information System (IS).
Obtain system authorization for ISs under their purview.
Plan and coordinate implementation of IT security programs and policies.
Manage and control changes to the system assessing the security impact of those changes.
Provide daily oversight and direction to contractor ISSOs.
Interact with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectives.
Continuously developing and maintaining a safe work environment.
Completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.
Consistently provide services that meet customer expectations.
Conform to the Amentum Quality Policy and carry out job activities in compliance with applicable Amentum Quality System documents and customer contracts.
Read and understand his/her Quality Management and Customer Satisfaction responsibilities.
Read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job.