Job Details
Summary:
The Information Systems Security Officer (ISSO) is responsible for supporting and defending classified networks hosted at the corporate level. They are cyber security professionals that are Subject Matter Experts (SME) supporting Department of Defense (DoD) programs ensuring classified information systems meet cyber security requirements and government directives by auditing, detecting, analyzing and mitigating cyber threats across multiple Enterprise networks
Duties and Responsibilities:
- Provide hands on technical assistance for complex systems/networks, cyber technology development/implementation, assessing threats/vulnerabilities, and supporting customer needs (meetings, calls, emails, demonstrations, etc.).
- Participate in planning and implementation of current and future security domains including those which may introduce new service areas (i.e., Cloud Computing, DevSecOps, etc.).
- Develop system documentation for information system authorization (authority to operate), security management, and continuous monitoring of both networked and standalone classified information systems.
- Perform system auditing, vulnerability risk assessments, Assured File Transfers, hardware/software configuration management, data integrity containments and investigations on IA related security violations/incidents.
- Proactive identification and resolution of security obstacles/issues affecting architectures and deployments.
- Perform other duties as assigned.
Education and Work Experience:
- Bachelor's degree from an accredited college in cyber security or a related discipline preferred.
- Minimum of two years of professional experience, two years of equivalent experience/combined education, or four years of professional experience all within the National Industrial Security Program (NISP) contracted defense industry.
- Possess a minimum of a DoD 8570 IAM Level-II Certification (i.e., Security+ CE).
- Possess DoD 8570 IAM Level III certification (i.e., CISSP, CASP+ CE, CISM) preferred.
- Minimum of "current DoD personal security clearance (Secret) with ability to obtain approval for special program access.
- Experience with Risk Managed Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint Special Access Program Implementation Guide (JSIG), NIST Special Publication (SP) 800-53, and NIST SP 800-171 requirements.
- Verifiable experience executing security hardening on diverse LINUX and Windows Operating Systems based on approved DISA STIGs and SRGs.
- Demonstrated expertise in the development and implementation of risk administration, developing system security plans (SSP), and associated accredited information system artifacts (e.g. POAM, SCTM, hardware and software baselines etc.)
- Experience in designing, developing, and integrating classified accredited information systems and networks in compliance with government regulations.
- Experience with standard security and network environment tools and applications.
- Knowledge of other security disciplines and how they impact and interact with information system security.
- Experience with network design processes, to include understanding of security objectives, operational objectives, and risk mitigation strategy for accredited information system.
- Experience with multi-tenancy infrastructure.
- Recognized cloud proficiency (CSSP, AWS, CSA, CompTIA Cloud+, CCSK, or others), preferred.
- Cloud integration experience.
Work Authorization/Security Clearance Requirements:
- Candidate must hold current or active Secret clearance for consideration.