eWAN Information System Security Officer (ISSO) Onsite
About The Position
The ISSO assists the Information System Security Manager (ISSM) to provide oversight for the information systems security control methods, mitigations, and tools throughout a systems’ lifecycle in compliance with U.S. Department of Defense (DoD) security laws, regulations and guidelines. The ISSO will participate in projects, guide and counsel internal customers, assist in developing and maintaining program/dataset specific processes and standards, and provide training and guidance on tools and methods to other members of the cybersecurity team. What You Will Do The ISSO is primarily responsible for system compliance, auditing and delivering information systems security education and awareness. The ISSO will assist in investigating information system security violations and help prepare reports specifying corrective and preventative actions. Perform security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.). Assists in overseeing and managing the patch management process and execution across enterprise networks. Verifying the implementation of delegated aspects of the system security program. Ensuring audit records are collected and analyzed in accordance with the security plan. Individuals will develop, update, and/or review Risk Management Framework (RMF) documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestone (POA&M), Risk Assessment Report (RAR), as assigned by the ISSM. Collaborates with CDS and peer BU ISSMs/ISSOs for alignment and sharing of best practices.
Requirements
- Bachelor’s Degree with 5 years of relevant experience managing and implementing security program requirements in a classified environment, or an advanced degree with 3 years of relevant experience working in a classified environment.
- Compliance-based auditing using the RMF, Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), or National Industrial Security Program Operating Manual (NISPOM).
- Certifications equivalent to or exceeding DoD 8570.01-M IAM Level I functional and baseline certification requirements.
- Knowledge and/or experience with STIGs, SCAP, Splunk, Tenable or other system hardening and compliance, vulnerability assessment, network security and/or SIEM tools.
Nice To Haves
- Experience working in DoD classified operating environments and/or in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF), NIST 800-53- Rev 4
- Experience with Scaled Agile Framework (SAFe) work practices.
- Experience with large multi-facility networks including various and complex components.
- Excellent oral and written communication skills with attention to detail and ability to multitask.
- Ability to adapt to rapidly changing environment and work under pressure to meet project deadlines.
Responsibilities
- system compliance
- auditing
- delivering information systems security education and awareness
- assisting in investigating information system security violations
- helping prepare reports specifying corrective and preventative actions
- performing security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.)
- assisting in overseeing and managing the patch management process and execution across enterprise networks
- verifying the implementation of delegated aspects of the system security program
- ensuring audit records are collected and analyzed in accordance with the security plan
- developing, updating, and/or review Risk Management Framework (RMF) documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestone (POA&M), Risk Assessment Report (RAR), as assigned by the ISSM
- collaborating with CDS and peer BU ISSMs/ISSOs for alignment and sharing of best practices
Benefits
- parental (including paternal) leave
- flexible work schedules
- achievement awards
- educational assistance
- child/adult backup care
- medical
- dental
- vision
- life insurance
- short-term disability
- long-term disability
- 401(k) match
- flexible spending accounts
- employee assistance program
- Employee Scholar Program
- paid time off
- holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
