Information System Security Officer
Kratos Defense and Security Solutions · Colorado Springs, CO · Yesterday
On-siteInformation Technology$89k/yrFull-time
Primary Responsibilities
- Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities.
- Participate in regular security self-inspections and audits.
- Affiliate with the selection and implementation of security controls and features for systems and applications.
- Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle.
- Perform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline.
- Provide product security engineering support and recommendations used to resolve integration and testing issues.
- Maintain a standardized set of security product requirements and produce metrics to report performance against those requirements.
- Review and define security diagnostics and tools to facilitate the analysis and reporting of security events.
- Affiliate with other teams with mitigating security risks, responding to product security incidents, and product security related issues.
- Participate in security architecture and design review meetings.
- Manage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance.
Experience And Skills
- A solid knowledge of the DISA/DoD Risk Management Framework.
- CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification.
- Experience with security controls, RMF, and STIGs.
- Familiarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization.
- Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment.
- Able to clearly communicate technical concepts orally and in written forms to internal and external audiences with technical and non-technical backgrounds.
- Capable of working in a fast-paced team environment.
- Excellent organizational and communication skills and able to effectively interact with managers and technical staff.
- Top Secret clearance with SCI eligibility required.
Preferred Skills And Experience
- 2 years as an ISSO or equivalent duties.
- Familiarity with eMASS, XACTA, or similar government systems of record.
- Familiarity with Zero Trust Architecture (ZTA) requirements.
- Experience with Windows and RHEL environments.
- Experience with AWS.
- Experience with security tools such in the following areas: Malicious code prevention and analysis (i.e., Trellix), Audit log analysis (Splunk, Greylog, etc.), Patch Management and Vulnerability Analysis (Tenable Security Suite & ACAS), and security tools which support the implementation of DISA STIGs (SCC, Evaluate STIG, STIG Viewer, etc.).