Information Systems Security Officer I
General Dynamics Electric Boat · New London County, CT · 1 wk ago
Information TechnologyFull-time
Responsibilities
- Develop and maintain security plan documents (hardware and software baselines, diagrams, user lists)
- Review, track, and process configuration management changes and associated risk assessments
- Process user agreement forms, ensuring users complete necessary training and meet requirements for access
- Develop and maintain system specific policies and procedures
- Collaborate with system and network administrators to validate configurations and ensure compliance with technical security requirements
- Monitor and analyze system and user activity for indications of security concerns
- Monitor compliance with vulnerability management requirements
- Identify, document, and report non-compliance and security gaps, and support corrective action planning
- Supporting incident response activities
- Work closely with the Information System Security Manager (ISSM) and system stakeholders to maintain system accreditation and overall security posture
- Offer guidance and subject matter expertise on implementing and maintaining security controls
- Supporting internal and external inspections and assessments
- Auxiliary in assessment, authorization, and continuous monitoring activities throughout the system lifecycle
Requirements
- Minimum of A.S. Degree (or higher) in Cybersecurity, Information Technology (IT) or Equivalent, or related certifications OR a minimum of a high school degree and 1+ years related working experience
- 9+ months of experience with Windows and/or Linux operating systems and configuration and hardening standards
- 1+ years of experience with computer networking concepts
- Ability to obtain and maintain a DoD SECRET clearance
- Preferred Experience with the NISPOM, DAAPM, RMF process and NIST SP 800-53 Controls or the DFARS 252.204-7012, CMMC and NIST SP 800-171
- Experience with the Enterprise Mission Assurance Support Service (EMASS) or Supplier Performance Risk System (SPRS)
- Experience monitoring and analyzing user and system activity
- Experience with monitoring security relevant applications (e.g. audit collection, vulnerability management, Security Information Event Monitoring (SIEM))
- Two or more years of experience as an ISSO, System/Network Engineer/Architect/Administrator, or in an Equivalent RMF role
Qualifications
- Strong interpersonal, communication, organizational, and time management skills
- Ability to work independently, and collaboratively as part of a multi-functional team in a fast paced and challenging environment
- Strong documentation development and management skills