Jobs · Information Technology · North Carolina

Information System Security Officer (ISSO)

MAG Aerospace · Fort Liberty, North Carolina, United States · 6 days ago
Information TechnologyFull-time

Position Summary

The MAG Team is seeking an experienced Information Systems Security Officer to support the Special Operations community based out of Ft. Liberty (formerly Ft. Bragg), NC. In this role, you will provide a variety of services leveraging the Risk Management Framework (RMF) accreditation. Services are associated with validation, approval, and sustainment of cybersecurity accreditation packages. Additionally, you will perform and analyze a range of Information Security Systems Officer activities and assist with the development and implementation of security policies.

Essential Duties And Responsibilities

  • Gather and translate customer requirements, interact with stakeholders from many areas, and lead efforts to ensure customer products and recommendations will meet customer information security policies in an ever-changing technical environment
  • Categorize the IT and the information processed, store, and transmitted by the system based on an impact analysis due to a loss of Confidentiality, Integrity, and Availability (CIA) impacts
  • Select an initial set of baseline security controls for the Information System (IS) based on the security categorization; overlay tailoring and supplementing the security control baseline as needed based on an organizational assessment of risk and local conditions
  • Authorize the IS based on the determination of the risk to the organizational operations, organizational assets, or to individuals resulting from the operation of the IS and the decision that this risk is acceptable
  • Monitor the security of the IS on a continuous basis including assessing control effectiveness, documenting changes to the system, conducting security impact analyses of the associated changes, and reporting the security status of the system to appropriate organizational officials on a regular basis
  • Review, prepare and update RMF authorization packages
  • Conduct assessments of information security controls to measure the effectiveness of controls and identify any gaps
  • Manage remediation efforts and report on the status of control deficiencies
  • Provide security expertise to business units and key stakeholders
  • Provide timely status updates/reporting on assessments and assigned projects

Requirements

  • Minimum Requirements: Knowledge and Skills in compliance with DoD Cyber Workforce 8570.01, Experience in Information Assurance / Cybersecurity, including development, integration, and implementation of cyber security and program protection standards for networking, computers, and custom applications, Thorough knowledge of the Department of Defense 8510.01 Risk Management Framework (RMF) for DoD Information Technology, DoD Instruction 8500.1 Cyber Security, DoD Directive 8140.01, Cyberspace Workforce Management, NIST 800 Special Publications, Federal Information Processing Standards (FIPS), and knowledge of current authorization practices, particularly within the DoD
  • Experience in creating and maintaining the security configuration baselines for Windows and Linux platforms, networking equipment, cloud technologies, and custom applications (i.e., Minimum Benchmarks: CIS, STIGS)
  • Provide subject matter expertise, advice and assistance in the planning, implementation, and accreditation of technology and solutions
  • Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Management Level IAM Level II
  • The minimum years of related experience required: 5+
  • Education: BS in Computer Science or Information Technology (or equivalent experience)
  • Other Qualifications: US Citizenship and Active DoD Top Secret Clearance w/SCI

Desired Requirements

  • Familiar with DIA assessments and accreditation documentation within the XACTA management platform
  • Familiar with eMASS - USSOCOM ENTERPRISE MISSION ASSURANCE SUPPORT SERVICES platform
  • Meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Management Level (IAM Level III)
  • Ability to read, review, and consolidate ACAS scans, DISA STIGS, and Websense results
  • Excellent interpersonal skills, including the ability to work on multi-functional teams
  • Display detailed knowledge and understanding of multiple technology infrastructures
  • To exhibit individual initiative to influence events and achieve goals. Be proactive and a self-starter, going beyond specific job responsibilities to ensure goals and achieved or exceeded

Similar jobs