Cybersecurity, Senior Information Systems Security Officer (ISSO)

About The Position

Requirements

• IAM Level I / IAT Level II certification commensurate with DoD 8570.1M requirements
• ISSO or relevant cybersecurity experience pertinent to the position, 4 or more years
• A minimum of a high school diploma.
• High level of personal motivation and initiative to learn and acquire new skills, and adapt seamlessly to an ever-changing security environment
• Customer focused, excellent communicator and ability to work with limited supervision.
• Strong organizational skills
• Able to interface with other IA team members, other security disciplines (industrial security, physical security, special programs security, etc.), program personnel and government security representatives.

Nice To Haves

• Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
• Experience with the preparation for Assessment and Authorization’s.
• Experience with the development of core documentation including System Security Plans, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plans.
• Experience with development and delivery of IA-related briefings and training material.
• Experience in conducting routine investigations of information systems security violations and incidents, reporting as necessary to management
• Ability to translate operational requirements into technical requirements and architectures needed to meet program objectives
• Experience with conducting all aspects of a self-inspection
• Experience with periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and integrity scans to determine compliance
• Prepares incident reports of analysis methodology and results
• Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Responsibilities

• Supporting adherence to all aspects of a rigorous Risk Managed Framework (RMF) compliance program as stipulated by NISPOM/DAAPM, JSIG, ICD 503, STIGs and associated NIST publications.
• Supporting the Information System Security Manager in obtaining and maintaining Authority to Operate (ATO) approvals for various systems by adhering to the Risk Management Framework (RMF).
• Ensuring all security certification and accreditation documents in relation to all classified systems are up to date.
• Ensuring continuous monitoring (e.g. weekly, monthly, etc.) in accordance with cognizant security authority requirements are being implemented and met.
• Supporting cybersecurity efforts throughout the RMF process for one or more assigned programs(s) to include supporting the development and management of System Security documentation, Plans of Action and Milestones (POA&Ms), assessing and auditing systems security controls, and continuous monitoring of controls.

Benefits

• health, dental, and vision insurance
• health savings accounts
• a 401(k) savings plan
• disability coverage
• life and accident insurance
• employee assistance program
• legal plan
• discounts on things like home, auto, and pet insurance
• paid time off
• paid holidays
• paid parental leave
• paid military leave
• paid bereavement leave
• any applicable federal and state sick leave
• company recognition program to receive monetary or non-monetary recognition awards