Information Systems Security Officer
Modern Technology Solutions, Inc. (MTSI) · Patterson, OH · 1 wk ago
Information TechnologyFull-time
Role And Responsibilities
- Perform day-to-day maintenance of systems, including auditing and patch management
- Perform technical security assessments of complex systems
- Identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
- Apply knowledge of IA policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments
- Write authorization and accreditation (A&A) documentation and ensure the systems are operated and maintained in accordance with these security plans
- Enforce the design and implementation of trusted relationships among external systems and architectures
- Support security planning, assessment, risk analysis, and risk management for client systems and programs
- Interact with technical team members from multiple organizations in a diversified, team environment
- Identify overall security requirements for the proper handling of MTSI and client data
- Perform system or network designs that encompass multiple enclaves to include those with differing data protection/classification requirements
- Recommend system-level solutions to resolve security requirements
- Ensure all users have the requisite security clearances, authorizations, need-to-know, and are aware of their security responsibilities before granting access to client systems
- Conduct periodic reviews of information systems to ensure compliance with the security authorization package
- Perform key functions (above) and other security-related tasks as directed on multiple systems, at multiple sites, or for multiple clients
- Schedule, perform and maintain records of required IS auditing, patching, maintenance, software/hardware changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements
- Avoidance of security incidents, and for investigating and reporting security violations and incidents
- Receive direction/guidance from the MTSI Program Manager and/or Govt technical lead; translate guidance into actionable tasks performed by the project team
- Manage/execute medium-large tech tasks
- Ensures assigned tech tasks are properly coordinated/ efficiently accomplished w/best available resources
- Serve as technical lead for time critical tech projects, test events/tasks requiring senior level tech expertise
- Coverage of assigned tech tasks
- Coordinate w/Project Manager to verify time phased requirements are identified to meet contractual required deadlines
- Accountable for the quality and timely delivery of all technical contract deliverables
- Ensure that task related products are consistent in format and content with overall project deliverables
- Routinely engage with Govt technical representative + tech leads for our teammates and subcontractors
- Acts as a resource/mentor for colleagues with less experience
- Works independently, with guidance in only the most complex situations
Required Skills
- Knowledge of federal security requirements and mandates (e.g., RMF, JSIG, FIPS, NIST)
- Strong Microsoft Windows background with some knowledge of UNIX/LINUX
- Familiarity with security procedures in a SCIF/SAPF environment
- Proficiency in multiple technical areas and application of advanced technical/analytical principles
- Experience in overseeing technical studies, complex analysis, and generating reports/presentations
- Project management or program management knowledge and experience
- Strong problem-solving skills, including breaking down complex problems and prioritizing tasks
- Excellent communication skills and ability to interface with senior-level customers and teammates
Required Competencies
- Collaboration/Teamwork: Engages others across roles through communication and mutual respect, shares insights, enabling effective teamwork to ensure collective success.
- Technical and Functional Skills: Leverages technical and functional expertise to deliver high performance, addresses challenges, and supports business needs while pursuing continuous skill development.
- Entrepreneurialism: Fosters innovation, evaluates ideas, and advances initiatives with sound judgment and organizational awareness to drive growth and impact.
- Communication: Communicates clearly and effectively, fostering understanding, collaboration, and alignment through active listening and impactful messaging.
- Customer Focus: Prioritizes customer needs, builds trust, and delivers exceptional service by using insights to drive improvements and strengthen relationships.
Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Information Security, or related field
- Ten (10) years of experience working in an IA-related field and/or five (5) to eight (8) years of experience in IT with a heavy emphasis on systems administration
- In-depth knowledge of Microsoft Windows OS (client and server)
- CompTIA Security+ or higher-level DoD 8570.01/8140.03 certification
- Experience with Linux operating system (RedHat Enterprise Linux)
- Experience with XACTA-Experience using security hardening, collection, and assessment tools (e.g. SCC, Nessus, Splunk, etc.)
- Experience with security architectures, firewalls, and network access
- Experience with risk managed downloads, information systems sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management
- Experience with A&A documentation and system authorization artifacts