Poly

Amentum•Hanover, MD

2d•$165,000 - $195,000•Onsite

About The Position

Amentum is seeking an Information Systems Security Officer (ISSO) 2 for a new prime contract that is based out of our Maryland office. This role is crucial for providing support to a program, organization, system, or enclave's information assurance program. The ISSO 2 will be responsible for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. They will maintain the operational security posture for information systems, ensuring that security policies, standards, and procedures are established and followed. This position involves assisting with the management of security aspects of the information system and performing day-to-day security operations. A key part of the role includes evaluating security solutions to ensure they meet requirements for processing classified information and performing vulnerability/risk assessment analysis to support security authorization. The ISSO 2 will also be responsible for configuration management (CM) for information systems security software, hardware, and firmware, managing changes to the system, and assessing their security impact. Preparation and review of documentation, including System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs), is also a core responsibility. The role supports security authorization activities in compliance with the National Institute of Standards and Technology Risk Management Framework (NIST RMF).

Requirements

Eight (8) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required.
Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques.
Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.

Nice To Haves

Bachelor's degree in Computer Science, Cyber Security, IT Engineering or related field is required. In lieu of a Bachelor's degree, four (4) additional years of work-related experience may be substituted for a total of twelve (12) years.

Responsibilities

Provide support for a program, organization, system, or enclave's information assurance program.
Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
Evaluate security solutions to ensure they meet security requirements for processing classified information.
Perform vulnerability/risk assessment analysis to support security authorization.
Provide configuration management (CM) for information systems security software, hardware, and firmware.
Manage changes to system and assess the security impact of those changes.
Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
Assist to preparation and maintenance of documentation.
Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information.
Assist with Configuration Management (CM) for information system security software, hardware, and firmware.
Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades.
Propose, coordinate, and implement information systems security policies, standards, and methodologies.
Develop and maintain documentation for Security Authorization in accordance with ODNI and DoD policies.
Provide CM for security-relevant information system software, hardware, and firmware.
Ensure compliance with system security policy.
Maintain operational security posture for an information system or program.
Provide support to the information System Security Manager (ISSM) for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclave.
Develop and update the system security plan and other Cybersecurity documentation.
Assist with the management of security aspects of the information system and perform day-to day security operations of the system.
Track and ensure appropriate user identification and authentication mechanism of the Information System (IS).
Obtain system authorization for ISs under their purview.
Plan and coordinate implementation of IT security programs and policies.
Manage and control changes to the system assessing the security impact of those changes.
Provide daily oversight and direction to contractor ISSOs.
Interact with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectives.