Information Systems Security Officer

About The Position

Requirements

• Bachelor's Degree and a minimum of 5 years of IT or cybersecurity management experience including security practices, risk management, and compliance. (A combination of education and experience can be used in lieu of a degree.)
• Minimum of 3 years of IT or cybersecurity experience in roles such as System Administrator, Network Administrator, Information Systems Security Officer (ISSO) or other related roles.
• Minimum 3 years of Linux (RHEL) administarion experience
• Experience with security tools and technologies used for monitoring and protecting information systems.
• Strong understanding of cybersecurity principles, practices, and standards.
• At a minimum, possession of DoD Directive 8570/8140 Information Assurance Technical or Manager Level I certification.
• DISA ACAS Training/Certified
• Active, in-scope US Government issued Top Secret clearance.

Nice To Haves

• Security+, CISSP, CISM certifications

Responsibilities

• Perform duties and responsibilities of an ISSO for networks when required.
• Support in the duties and responsibilities of managing the Common Configuration Control Board (CCB) process.
• Monitor and analyze security logs and alerts to detect and respond to security incidents in a timely manner.
• Assess and audit security systems, including firewalls, intrusion detection systems, and access control systems.
• Support in the continuous monitoring of security controls and vulnerabilities.
• Conduct regular risk assessments and vulnerability assessments to identify potential security threats and vulnerabilities.
• Maintain accurate and up-to-date records of RMF documentation, security assessment reports, Plans of Actions and Milestones (POA&Ms), and other relevant documents and uploaded into eMASS IAW DOW frequency requirements.
• Complete Security controls Revalidations for all authorizations within a 2-year period.
• Assist in authoring and editing Cybersecurity related documents such as ISA, CCB, CIE, MFR or other reports as assigned.
• Develop and deliver security awareness and training programs for all employees, contractors, and other stakeholders about cybersecurity, foster a culture of security within the organization, and reduce the risk of security incidents.
• Develop, update, and maintain internal IA continuity guides for the Cybersecurity program. Guides should encompass all aspects of task execution, including processes, procedures, and best practices.

Benefits

• AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.