Information System Security Officer
Information Systems Security Officer
Industry: Aerospace / Aviation / Defense
Job Category: Information Technology – Security
Job Description:
Performs ISSO duties under the guidance of the Information System Security Manager (ISSM) or a senior ISSO on assigned government-authorized systems. Knowledgeable in information technology and security. Responsibilities include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) under the JSIG and NISPOM; performing security control assessments as part of the systems’ Continuous Monitoring Plan; overseeing configuration management of assigned systems; works with IT organization to develop device and system hardening guides following DISA and NIST guidelines; auditing systems to ensure security posture integrity; conducting periodic hardware/software inventory assessments; identifying system security controls shortcomings and developing POA&Ms; remediate control deficiencies; conducts, documents and reports annual self-assessments; maintaining operational information security posture for a system, program, or enclave; investigating security incidents such as data spills, data integrity and malicious events; authoring and delivering security education training to range of audience levels.
Qualifications:
- Bachelor’s degree from an accredited college in a related discipline or equivalent years of experience.
- Minimum Security+CE required
- Top Secret security clearance with the ability to get SCI
- 3+ years’ experience as an ISSO overseeing or managing cybersecurity on classified systems under JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53
- Experience developing, managing, providing evidence to close POA&Ms associated with the A&A and project management processes
- Able to work individually as well as part of a team
- Solid time management skills
- Experience with Microsoft operating systems
- Experience interpreting vulnerability scanning results (Nessus, Retina)
- Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills and ability to lead/mentor teammates
- High level of personal motivation and initiative to learn and acquire new skills
Preferred:
- Linux is a plus
- CISSP, CISA, CISM, or GSLC certification
- Experience reviewing workstation, server, firewall, & IPS logs
- Flexibility to adjust to changing requirements, schedules, and priorities
- Experience working in a military environment
- Able to socialize ideas, make recommendations, and gain team consensus
- An Active CI polygraph