Information System Security Officer
About the role
Kratos engineers and deploys technology and systems that move national security forward, with the cost, speed, and reliability that make readiness certain. We are a trusted partner—driven by doing the right thing and achieving maximum success for our customers, our partners and ourselves.
Responsibilities
- Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities.
- Participate in regular security self-inspections and audits.
- Affiliate with the selection and implementation of security controls and features for systems and applications.
- Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle.
- Perform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline.
- Provide product security engineering support and recommendations used to resolve integration and testing issues.
- Maintain a standardized set of security product requirements and produce metrics to report performance against those requirements.
- Review and define security diagnostics and tools to facilitate the analysis and reporting of security events.
- Affiliate with other teams with mitigating security risks, responding to product security incidents, and product security related issues.
- Participate in security architecture and design review meetings.
- Manage system access and revocation requests.
- Track and verify DoD certification requirements in accordance with DoD 8140 guidance.
- Travel to the customer’s sites to address operational issues that arise around CCS-C security tooling/infrastructure.
Requirements
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel to customer sites and other program locations may be required.
Qualifications
- A solid knowledge of the DISA/DoD Risk Management Framework.
- Experience with Tenable/Nessus Vulnerability scanner or equivalent.
- Experience with Trellix ENS/HX or equivalent.
- Experience with Graylog, Splunk, or equivalent SIEM technology.
- CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification.
- Experience with security controls, RMF, and STIGs.
- Familiarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization.
- Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment.
- Able to clearly communicate technical concepts orally and in written forms to internal and external audiences with technical and non-technical backgrounds.
- Capable of working in a fast-paced team environment.
- Excellent organizational and communication skills and able to effectively interact with managers and technical staff.
- A strong familiarity with cloud technologies and compliance requirements for cloud.
- Top Secret clearance with SCI eligibility required.
- Candidates with Special Access Program (SAP) experience are highly valued.
Skills
- Experience as an ISSO or equivalent duties.
- Familiarity with eMASS, XACTA, or similar government systems of record.
- Familiarity with Zero Trust Architecture (ZTA) requirements.
- Experience with Windows and RHEL environments.
- Experience with AWS or related Cloud Service Providers.
Benefits
Medical, Dental & Vision Insurance Coverage
Life/ADD & Short/Long Term Disability Insurance
401(k) Savings Plan
Employee Stock Purchase Plan (ESPP)
Paid Time-Off (PTO)
Holidays
Pay
The grade-based pay range for this job is listed below. Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge, and skills. Competitive salary based on experience and education.
Salary Range: $89,000-$125,000
Schedule
Not specified
Benefits
Not specified
Pay Transparency
Not specified