Information Systems Security Officer (ISSO)

About The Position

Requirements

• Bachelor’s degree in computer, information systems management or related field from an accredited college or university or equivalent experience.
• 4 years’ experience as an ISSO.
• Experience with DOD 8500.01, Risk Management Framework (RMF) requirements as well as experience in drafting, submitting, and maintaining RMF packages.
• Experience with Joint Special Access Program (SAP) Implementation Guide (JSIG) packages is required.
• Experience in development and maintaining of RMF Documents including System Security Plans (SSP), System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts.
• Experience in developing Plan of Action and Milestones (POA&M)
• Knowledge of independent verification and validation techniques is required.
• Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies is required.
• A current Information Assurance Manager (IAM) Level I (CAP, Security+ CE) or comparable certification in accordance with DoD 8570.01-M.
• Applicant selected is subject to a United States Government security investigation and must meet eligibility requirements for access to classified information.
• A current Top Secret clearance with SCI eligibility or have had a Background Investigation completed within the last 6 months, is required.

Nice To Haves

• IAM Level II (CAP, CASP, CISM, CISSP) or comparable certification in accordance with DoD 8570.01-M.
• Knowledge in monitoring and conducting Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG.
• Understanding of maintenance and inventory process for information Security Systems.
• Experience in coordinating with Leadership across the organization to ensure timely compliance.
• Experience in developing waivers and exceptions for information system vulnerabilities.
• Knowledge of quality assurance, quality control, and independent verification and validation techniques.
• Experience working in a corporate environment and working with a diverse user population and a global enterprise.

Responsibilities

• Serve as an Information Systems Security Officer (ISSO) at our Beavercreek, OH Area location working with the Site IA in support of a KBR Information Systems.
• Perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
• Achieve this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
• Perform Information Assurance and IT Security tasks to ensure the secure operation of the KBR information systems as a part of the KBR Information Assurance Operations team.
• Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems.
• Provide process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
• Assist in the implementation of the required government policy (i.e., JSIG, NISPOM, SP-800-171, SP-800-53, RMF) for site-hosted information systems and make recommendations on process tailoring.
• Perform extensive analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Periodically conduct a review of each system's audits and monitor corrective actions until all actions are closed.

Benefits

• 401K plan with company match
• medical
• dental
• vision
• life insurance
• AD&D
• flexible spending account
• disability
• paid time off
• flexible work schedule
• career advancement through professional training and development