Information Systems Security Officer - 26-019
AUSGAR Technologies Inc. · San Diego, CA · 1 wk ago
Information Technology$125k–$150k/yrFull-time
About the role
The Information Systems Security Officer (ISSO) is responsible for implementing and maintaining cybersecurity controls for DoD classified information systems in compliance with RMF, NIST 800-53, STIGs, National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG) and related cybersecurity requirements.
Responsibilities
- Support the full Assessment and Authorization (A&A) lifecycle, including maintaining Authority to Operate (ATO) packages in eMASS/XACTA
- Conduct Continuous Monitoring (ConMon)
- Review security logs and audit evidence
- Manage Assured Compliance Assessment Solution (ACAS) vulnerability scans
- Track remediation activities and Plan of Action Milestones (POA&Ms)
- Support incident response procedures
- Administer security within Linux, virtualized and cloud-native environments, including AWS and Kubernetes
Requirements
- Must have a current Top-Secret clearance with the ability to obtain a TS/SCI security clearance.
- Security+ CE is required.
- Must have or be able to obtain within six months of hire, a DoD 8570 IAT Level III certification (CISSP, CASP+, CISA, GCED, GICSP, CGRC, etc.).
- Bachelor's degree in Cybersecurity, Information Technology, Information Systems or a related field from an accredited college or university; or equivalent combination of education and relevant professional experience.
- Two plus years of experience as an ISSO or ISSM.
- One to two years of experience securing cloud-native environments, including AWS and Kubernetes, with knowledge of container security, IAM, logging, monitoring, vulnerability management and compliance requirements.
- Experience maintaining Authority to Operate (ATO) packages within eMASS or XACTA and supporting RMF activities for classified systems.
- Experience conducting ACAS vulnerability scanning, vulnerability remediation tracking and POA&M management.
- Experience reviewing security logs, audit records, and compliance evidence to support Continuous Monitoring (ConMon) requirements.
- Experience implementing and maintaining security controls in accordance with NIST 800-53 and DoD cybersecurity requirements.
- Experience with Linux operating systems and command-line administration.
- Experience with virtualized environments and hypervisors.
- Knowledge of XACTA or eMASS.
- Knowledge of the A&A process for DoD information systems.
- Knowledge of NISPOM, DCSA A&A; Process Manual, JSIG, ICD 503/703, STIGs, RMF and associated NIST publications.
- Knowledge of incident handling and response procedures, including data spills involving unclassified and classified systems.
- Previous experience within the U.S. Department of Defense highly desired.
Preferred Qualifications
- Experience supporting TS/SCI and/or Special Access Program (SAP) environments.
- Experience supporting AWS GovCloud environments.
- Experience with Splunk, ACAS/Tenable, VMware vSphere/ESXi, and enterprise vulnerability management programs.
- Experience supporting Security Control Assessments (SCAs) and (ConMon) activities.
Benefits
Competitive salary, comprehensive benefits and a company that cares!
Pay
$125K-$150K based on qualifications.
Schedule
Full-time