Isso
About The Position
The NORAD Operations Group, selected by the Air Force Life Cycle Management Center’s Strategic Warning and Surveillance Systems Division, is responsible for the Operations, Maintenance, and Sustainment (OM&S) of critical mission systems for the North American Aerospace Defense Command (NORAD) Cheyenne Mountain Complex (NCMC). This support is provided through the Integrated Tactical Warning/Attack Assessment (ITW/AA) and Space Support Contract II (NISSC II). Since 2020, the group has delivered operations, maintenance, and sustainment for current and legacy systems involved in the surveillance and cataloging of manmade objects in space, mitigation of orbital conflicts, threat warnings and control from airborne, land-based, and space-based systems, operations and maintenance of classified communications, and software development and integration. NISSC II specifically supports classified communications and processing for Command and Control (C2) capability and legacy space C2 systems located at Cheyenne Mountain Space Force Station (CMSFS), Peterson Space Force Base (PSFB), Offutt Air Force Base, Vandenberg Space Force Base, and numerous sensor and forward operator sites globally.
Requirements
- 2-5 years practical DoD/USAF information security policy background with practical / hands-on experience applying RMF processes and principles within eMASS and/or Xacta
- 2-5 years experience developing and/or contributing to RMF body of evidence composition, applicable artifacts, and associated control families
- 2-5 years experience performing NIST 800-53 Control Assessments
- 2-5 years experience conducting Security Impact Analysis
- Must meet Requirements outlined in DoDM 8140.03 for Information System Security Manager (722)
- Possess a US Department of Defense security clearance (requires relinquishing foreign citizenship if dual citizen)
Nice To Haves
- Excellent analytical and problem-solving skills are crucial to conduct continuous assessments of network security measures and identify possible risks and provide risk prevention and mitigation
- Experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g., DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
- Experience in utilizing security-relevant tools such as ACAS, ESS, SCAP
Responsibilities
- Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards
- Support the Assessment and Authorization (A&A) processes under NIST Risk Management Framework (RMF) for new and existing information systems
- Coordinate auditing systems to ensure security posture integrity
- Support assessments and test/analysis data to document the state of compliance with security requirements
- Conduct periodic hardware/software inventory assessments
- Collaborate with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements
Benefits
- flexible work schedules
- educational reimbursement
- retirement benefits (401K match)
- employee stock purchase plan
- health benefits
- tax saving options
- disability benefits
- life and accident insurance
- voluntary benefits
- paid time off
- paid holidays
- parental leave
- Health, dental, and vision insurance
- Pet insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
