Jobs · Information Technology · Florida

Information System Security Officer (ISSO)

IPSecure, Inc · Patrick AFB, FL · 1 wk ago
On-siteInformation TechnologyFull-time

Responsibilities

  • Work as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO’s) using Microsoft products such as Word, Excel, PowerPoint, and Visio.
  • Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals.
  • Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities.
  • Supports the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones.
  • Carefully coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment.
  • Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M).
  • Ensure the development and implementation of an effective information security education, training, and awareness program.
  • Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification.
  • Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides).
  • Report security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.

Requirements

  • Bachelor’s degree, Cybersecurity or other related field and 3+ years of experience, or Master’s degree
  • Active Top Secret security clearance w/SCI
  • Experience working in information assurance or cybersecurity roles supporting classified DoD environments
  • DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)
  • Security+ w/CE’s certification
  • Working knowledge of NIST 800-53 controls and RMF
  • Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker)

Qualifications

  • Bachelor’s degree, Cybersecurity or other related field
  • Master’s degree preferred
  • 3+ years of experience in cybersecurity or related field
  • Active Top Secret security clearance with SCI eligibility
  • DoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)
  • Security+ w/CE’s certification
  • Experience with NIST 800-53 controls and RMF
  • Experience with endpoint security, vulnerability, and enumeration tools

Skills

  • Strong communication skills
  • Ability to work in an integrated team environment
  • Knowledge of RMF and DoD security policies
  • Experience with Microsoft Office Suite
  • Experience with NIST 800-53 controls
  • Experience with endpoint security tools

Benefits

  • Medical, Dental, Vision coverage
  • Unlimited vacation, sick leave
  • Paid federal holidays
  • Education and certification reimbursement program
  • 401(k) retirement plan with safe harbor employer match after 3 months
  • Prepaid legal plan and ID protection plan available
  • Accident insurance
  • Critical illness insurance
  • Hospital indemnity insurance

Similar jobs