Jobs · Information Technology · California

Information Systems Security Officer - 26-019

AUSGAR Technologies Inc. · San Diego, CA · 1 wk ago
Information Technology$125k–$150k/yrFull-time

About the role

The Information Systems Security Officer (ISSO) is responsible for implementing and maintaining cybersecurity controls for DoD classified information systems in compliance with RMF, NIST 800-53, STIGs, National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG) and related cybersecurity requirements.

Responsibilities

  • Support the full Assessment and Authorization (A&A) lifecycle, including maintaining Authority to Operate (ATO) packages in eMASS/XACTA
  • Conduct Continuous Monitoring (ConMon)
  • Review security logs and audit evidence
  • Manage Assured Compliance Assessment Solution (ACAS) vulnerability scans
  • Track remediation activities and Plan of Action Milestones (POA&Ms)
  • Support incident response procedures
  • Administer security within Linux, virtualized and cloud-native environments, including AWS and Kubernetes

Requirements

  • Must have a current Top-Secret clearance with the ability to obtain a TS/SCI security clearance.
  • Security+ CE is required.
  • Must have or be able to obtain within six months of hire, a DoD 8570 IAT Level III certification (CISSP, CASP+, CISA, GCED, GICSP, CGRC, etc.).
  • Bachelor's degree in Cybersecurity, Information Technology, Information Systems or a related field from an accredited college or university; or equivalent combination of education and relevant professional experience.
  • Two plus years of experience as an ISSO or ISSM.
  • One to two years of experience securing cloud-native environments, including AWS and Kubernetes, with knowledge of container security, IAM, logging, monitoring, vulnerability management and compliance requirements.
  • Experience maintaining Authority to Operate (ATO) packages within eMASS or XACTA and supporting RMF activities for classified systems.
  • Experience conducting ACAS vulnerability scanning, vulnerability remediation tracking and POA&M management.
  • Experience reviewing security logs, audit records, and compliance evidence to support Continuous Monitoring (ConMon) requirements.
  • Experience implementing and maintaining security controls in accordance with NIST 800-53 and DoD cybersecurity requirements.
  • Experience with Linux operating systems and command-line administration.
  • Experience with virtualized environments and hypervisors.
  • Knowledge of XACTA or eMASS.
  • Knowledge of the A&A process for DoD information systems.
  • Knowledge of NISPOM, DCSA A&A; Process Manual, JSIG, ICD 503/703, STIGs, RMF and associated NIST publications.
  • Knowledge of incident handling and response procedures, including data spills involving unclassified and classified systems.
  • Previous experience within the U.S. Department of Defense highly desired.

Preferred Qualifications

  • Experience supporting TS/SCI and/or Special Access Program (SAP) environments.
  • Experience supporting AWS GovCloud environments.
  • Experience with Splunk, ACAS/Tenable, VMware vSphere/ESXi, and enterprise vulnerability management programs.
  • Experience supporting Security Control Assessments (SCAs) and (ConMon) activities.

Benefits

Competitive salary, comprehensive benefits and a company that cares!

Pay

$125K-$150K based on qualifications.

Schedule

Full-time

Similar jobs