Senior Information Systems Security Officer (ISSO)

About The Position

Requirements

• Must have a Bachelors Degree in Computer Science/Engineering/Cybersecurity or other relevant Engineering field from an accredited university with minimum 8 years of experience.
• Top Secret (TS) security clearance with eligibility for Secret Compartmented Information (SCI).
• Willingness to submit to a Counterintelligence Polygraph to achieve SAP Security Clearance within 6 months of hire.
• Possess a DoD 8140.03/8570.01 Information Assurance Manager II certification or able to obtain within 6 months of hire: CompTIA Security+, Cisco Certified CyberOps Associate, GIAC Security Essentials (GSEC), SSCP (Systems Security Certified Practitioner).
• Must have the ability to work in a dynamic environment and effectively interact with numerous DOD, military/civilian personnel, and industry partners.
• Working knowledge of Microsoft Office (Word, PowerPoint, and Excel).

Nice To Haves

• Experience with DEVOPS / DEVSECOPS operations and requirements.
• Knowledge of cyber tools such as Security Information and Event Management (SIEM) systems, vulnerability detection, scripting languages and/or programming language.
• Knowledge of Cloud Computing such as Amazon AWS and Microsoft Azure platforms.

Responsibilities

• Utilize Joint Special Access Program Implementation Guide (JSIG) /Risk Management Framework (RMF) to achieve and maintain Authorization to Operate (ATO), Interim Authorization to Test (IATT), and Authority to Connect (ATC) for all existing and new Information Systems (IS) that require accreditation to include on premise and cloud platforms.
• Broad knowledge of Information Technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption); computer networking concepts and protocols, and network security methodologies; network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Implement security policies and procedures including System Security Plans (SSP), Security Controls Traceability Matrices (SCTM), Risk Assessment Reports (RAR), Continuous Monitoring Plans (ConMon), Security Assessment Reports (SAR), and Plan of Actions and Milestones (POA&M).
• Strong ability to produce and maintain varied technical documentation, policy, and procedures such as: Ports Protocols and Services Management (PPSM) worksheets, system and network diagrams / descriptions, and Standard Operating Procedures (SOPs).
• Coordinate and perform security audits and system updates to identify nonstandard events and maintain system and information integrity.
• Play an active role in conducting continuous monitoring activities on Accredited Information Systems (AIS) environment of operation to include developing and updating the system artifacts as well as managing and controlling changes to the system.
• Conduct security impact analysis activities and provide to the Information Systems Security Manager (ISSM) on all configuration management changes to the authorization boundaries.
• Experience in reviewing and implementing secure configuration management techniques.
• Report Cyber incidents or vulnerabilities to the ISSM and/or government chain of command.
• Have expert knowledge of and hands on experience to configure and manage security tools and systems e.g., Security Technical Implementation Guides (STIGs), Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS) / Trellix / Splunk.
• Monitor and analyze network traffic for potential threats.
• Assisting in incident response and remediation efforts.
• Ensuring compliance with DoD cybersecurity standards.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Practical experience in guiding systems through NIST SP 800-37 RMF steps, from Prepare to Monitor, using CNSSI 1253 to ascertain appropriate Confidentiality, Integrity, and Availability levels, and the NIST SP 800-53 controls associated with each level.
• Experience with Enterprise Mission Assurance Support Service (eMASS) and Xacta.

Benefits

• Medical insurance
• Dental insurance
• Vision insurance
• Paid time off
• 401(k)
• Life insurance
• Flexible work schedules
• Holidays to fit your busy lifestyle