Cybersecurity – Information System Security Officer (ISSO)
Boeing · Oklahoma City, OK · 4 days ago
Information Technology$98k–$132k/yrFull-time
Position Responsibilities
- Assist in the development and deployment of program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures
- Implement Risk Management Framework (RMF) processes, product development and product maintenance for assigned systems
- Perform security compliance continuous monitoring
- Participate in security assessments and audits
- Prepare and present technical reports and briefings
- Identify root causes, prioritize threats, and recommend/implement corrective action
- Mentor and lead the information security program team
- Support development of enterprise-wide information security policies, standards, guidelines and procedures
- Support Defense Federal Acquisition Regulation Supplement (DFARS) and Cybersecurity Maturity Model Certification (CMCC) requirements based on contractual requirements for assigned programs
Basic Qualifications
- Successfully completed Tier 5 Investigation (T5), formerly known as a Single Scope Background Investigation (SSBI) by the federal government within the last 5 years, or requires candidate to have been enrolled in a Continuous Vetting program within the last 5 years
- IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC)
- 3+ years of experience in cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series
Preferred Qualifications
- 3+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs
- 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
- 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance