Jobs · Ohio

Information System Security Officer (ISSO)

Applied Research Solutions · Beavercreek, OH · 4 days ago
HybridFull-time

Responsibilities

  • Maintain the operational security posture of systems.
  • Monitor systems and environments for security compliance.
  • Develop and update System Security Plans (SSPs).
  • Manage and control system changes and assess their security impact.
  • Handle physical, personnel, and environmental security.
  • Conduct incident response and security awareness training.
  • Affiliate with the ISSM and assume ISSM duties when necessary.
  • Affiliate with the ISSM in meeting their duties and responsibilities.
  • Assure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package.
  • Report all security-related incidents to the ISSM.
  • Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
  • Serve as a member of the CCB, if designated by the ISSM.
  • Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
  • Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization.
  • Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
  • Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
  • Ensure audit records are collected, reviewed, and documented (to include any anomalies).
  • Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval.

Requirements

  • Must be a US citizen
  • Top Secret w/ SCI clearance
  • Minimum of 5 years of hands-on experience securing and monitoring pure cloud infrastructure within Microsoft Azure, with a focus on threat protection, posture management, and compliance enforcement.
  • Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics.
  • Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard
  • Bachelor’s degree in computer science, Engineering, Finance, Business, or related field
  • Desired Certifications: Active Azure or Microsoft security-centric certification preferred, such as Microsoft Certified: Azure Security Engineer Associate (AZ-500), Cloud and AI Security Engineer Associate (SC-500), or Security Operations Analyst Associate (SC-200)

Similar jobs