Information System Security Officer (ISSO)
IPSecure, Inc · Patrick AFB, FL · 1 wk ago
On-siteInformation TechnologyFull-time
Responsibilities
- Work as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO’s) using Microsoft products such as Word, Excel, PowerPoint, and Visio.
- Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals.
- Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities.
- Supports the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones.
- Carefully coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment.
- Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M).
- Ensure the development and implementation of an effective information security education, training, and awareness program.
- Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification.
- Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides).
- Report security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.
Requirements
- Bachelor’s degree, Cybersecurity or other related field and 3+ years of experience, or Master’s degree
- Active Top Secret security clearance w/SCI
- Experience working in information assurance or cybersecurity roles supporting classified DoD environments
- DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)
- Security+ w/CE’s certification
- Working knowledge of NIST 800-53 controls and RMF
- Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker)
Qualifications
- Bachelor’s degree, Cybersecurity or other related field
- Master’s degree preferred
- 3+ years of experience in cybersecurity or related field
- Active Top Secret security clearance with SCI eligibility
- DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)
- Security+ w/CE’s certification
- Experience with NIST 800-53 controls and RMF
- Experience with endpoint security, vulnerability, and enumeration tools
Skills
- Strong communication skills
- Ability to work in an integrated team environment
- Knowledge of RMF and DoD security policies
- Experience with Microsoft Office Suite
- Experience with NIST 800-53 controls
- Experience with endpoint security tools
Benefits
- Medical, Dental, Vision coverage
- Unlimited vacation, sick leave
- Paid federal holidays
- Education and certification reimbursement program
- 401(k) retirement plan with safe harbor employer match after 3 months
- Prepaid legal plan and ID protection plan available
- Accident insurance
- Critical illness insurance
- Hospital indemnity insurance