Senior Information Systems Security Officer (ISSO)

About The Position

Requirements

• BS degree in information systems or related technical field
• 7+ years information security experience with extensive RMF knowledge.
• Expert knowledge of NIST 800-53, RMF process, DoDI 8510.01, eMASS system, classified network operations.
• DoD 8140 IAT/IAM Level I/II certification
• Understanding of common operating systems (Windows, Linux/Unix, Cisco IOS/NX-OS)
• Maintain authorization packages within eMASS including all required documentation.
• Good writing and verbal presentation skills.
• Customer focused, excellent communicator.
• Collaborate with ISSMs, SCAs, PMs, and other stakeholders by providing necessary guidance and clarifications
• Experience leading security projects and initiatives.
• Expert hands-on experience interrupting compliance and vulnerability scanning tool reports from (XACTA, STIGS, ACAS, Trellix (HBSS), and/or other vulnerability scanners)
• Knowledge of client, server, data storage, and networking technologies
• Manage multiple information systems requiring continuous authorization to operate, assessments, POA&M mitigation and remediation, Security Assessment Reports (SARs), System Security Plans(SSPs).
• Understanding of the requirements and standards for Cloud security
• Familiarity with DevSecOps principles and Secure Software Development Lifecycle (SSDLC)
• Ability to troubleshoot, assess root cause, and resolve technical issues
• Innovative with strong analytical, problem-solving, organization and interpersonal skills
• Self-motivated; able to work independently with minimal direction
• An active TS/SCI clearance is required
• Must have experience working with Special Access Programs (SAPs)

Nice To Haves

• IAM Level II (CAP, CASP, CISM, CISSP) or comparable certification in accordance with DoD 8140.
• Knowledge in monitoring and conducting Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG.
• Understanding of maintenance and inventory process for information Security Systems.
• Experience in coordinating with Leadership across the organization to ensure timely compliance.
• Experience in developing waivers and exceptions for information system vulnerabilities.
• Knowledge of quality assurance, quality control, and independent verification and validation techniques.
• Experience working in a corporate environment and working with a diverse user population and a global enterprise.

Responsibilities

• Serve as an Information Systems Security Officer (ISSO) at our Beavercreek, OH Area location working with the Site IA in support of a KBR Information Systems.
• Candidate will perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
• Candidate will achieve this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
• Assists in the implementation of the required government policy (i.e., JSIG, NISPOM, SP-800-171, SP-800-53, RMF) for site-hosted information systems and makes recommendations on process tailoring.
• Performs extensive analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Periodically conducts of a review of each system's audits and monitors corrective actions until all actions are closed.

Benefits

• KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.
• We support career advancement through professional training and development.