ISSO - Information Systems Security Officer
TECHFORGE SOLUTIONS · Dayton, OH · 1 mo ago
On-siteInformation TechnologyFull-time
Responsibilities
- Aid in the implementation of the Enterprise Security Program.
- Support technical security activities related to aeronautical weapon systems, subsystems, and support systems such as software code reviews, vulnerability assessments, Program Protection Plans, CDRL development, and threat scenarios.
- Implement Information, Personnel, Physical, Industrial, and Communications Security.
- Support program protection, technology control, protection of FOUO information, and other information requiring protection, ensuring compliance with related DoD and AF instructions.
- Develop and implement common cybersecurity classification guidance.
- Manage and maintain secure servers and workstations.
- Operate and configure security controls on Windows/Linux operating systems/servers.
- Identify, recommend, and implement updates and improvements to information systems.
- Prepare for and support inspections by customer base.
- Maintain, update, and administer Information System Training.
- Create and maintain RMF documentation.
- Provide COMSEC support.
- Research, document, and make recommendations to update and streamline security policies, processes, procedures, and inspections.
- Assist the Facility Security Officer as needed.
- Support DCSA and other customer security reviews.
- Provide insight to support Cybersecurity Maturity Model Certification (CMMC).
- Perform other related duties as assigned.
Requirements
- A current Secret level government clearance is required, and therefore all candidates must be a U.S. citizen.
- A recently inactive clearance is acceptable, such that it can be reactivated.
- All candidates must be U.S. Citizens.
- All candidates must pass a background check.
- All candidates must validate education and certification requirements.
- Candidates must be able to maintain (at minimum) a Secret level DOD clearance throughout employment.
- Bachelor's Degree in a technical discipline (i.e. Computer Science, Information Systems, Computer Engineering, etc.) or needs a total of 7 years of experience in lieu of degree.
- 5+ years of experience as an ISSE with large multi-tiered security programs.
- Minimum 2-year ISSO experience is required.
- DoD 8570 compliance with IAT Level II (e.g. SSCP, Security+, CCNA-Security, or GSEC certification).
- Experience implementing DoD system accreditation processes (e.g. NIST-RMF, FedRAMP).
- Working knowledge of NIST/CMMC policies is required.
- Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools.
- Experience with NISPOM requirements.
- A working knowledge of TCP/IP suite of protocols and services, computer architectures, and network topologies, distributed architectures and cloud-based systems for big data applications is required.
- The ability to create, review, and edit authorization documentation for completeness and accuracy in accordance with federal and DoD policy.
- Experience assessing use case and operational risk of integrated open source, and GOTS/COTS software components.
- The ability to work independently and as part of a team is needed.
- Proactive personality with strong oral and written communication skills is required.
- Strong attention to detail is required.
- Strong organizational and administrative skills is required.
- Ability to multitask, managing multiple areas of responsibility/simultaneous projects running in parallel is required.
- Ability to work both independently and in a team environment is required.
Desired Skills
- DoD 8570 compliance with IASAE Level II (e.g. CSSLP, CISSP, or CASP certification).
- CISSP concentration in Engineering or Architecture is highly desired.
- Experience with maintaining appropriate facility security databases including, but not limited to, NISS, DISS, eMASS, e-QIP, SWFT.
- Completion of formal, Center for Development of Security Excellence (DCSA CDSE) is preferred.
- Knowledge of COMSEC operations and accountability.
- Knowledge of flight test authorization and flight safety.
- Familiar with Aircraft cybersecurity testing and Airworthiness safety programs.
- Experience with Azure, AWS, and/or Google cloud platforms is highly desired.