Information System Security Officer

About The Position

Requirements

• Bachelor's degree coupled with a minimum of four years' applicable, related experience; Associate with six years' or Master's and two years. Equivalent relevant experience and/or certifications may be considered in lieu of degree.
• Must possess CompTIA Security+ CE certification
• Currently hold active DoD Secret clearance with ability to obtain Top Secret.
• Cybersecurity, systems security or hardening, Information Technology
• Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Guide (DAAG), National Industrial Security Program Operating Manual (NISPOM)
• Working with and/or supporting computer technologies (such as: databases, operating systems, computer network hardware, software programs, hardware troubleshooting or electronics)
• Physical security, Project or program management, office management, senior administration, or account management
• Security configurations across multiple operating systems in various environments, to include Windows, Linux, utilizing Active Directory/Group Policy, Delinea, etc. is required.
• Organization and self-motivation with excellent documentation skills and the ability to work with minimal supervision.

Nice To Haves

• Experience with IT (Windows, Linux) and/or security related certifications (CISSP, CISM, CISA, etc.) is preferred.
• Experience working in DoD classified operating and/or laboratory environments
• Experience with various information system security tools that address vulnerability analysis and mitigation. These may include SPLUNK, Trellix, SolarWinds, Tenable, SCAP, STIG Viewer.
• Familiarity with implementation of Government directives and policies derived from NIST, STIG, DoD, or other Government Regulatory compliance standards within a professional industry
• Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Managed Framework (RMF), eMASS
• Experience providing technical security consultation for complex, cross-domain, heterogeneous classified networked environments in collaboration with internal/external Customers, Information Technology (IT)
• Familiarity with the execution and management of cyber incident response; preservation, containment, and eradication

Responsibilities

• Auditing information systems to ensure compliance with security policies and procedures while reporting any discrepancies to the ISSM, P-ISSM, ISO or FSO.
• Assisting in the Risk Management Framework (RMF) authorization process by developing and maintaining artifacts for the IS Body of Evidence (BoE).
• Reviewing and approving Configuration Management (CM) requests, within delegated authority, for all related hardware, software, and security‑relevant functions, ensuring proper documentation and maintenance throughout the CCB approval process
• Assisting with sanitization and release of hardware in accordance with security policies or Authorizing Official (AO) guidance.
• Testing/evaluation and application of required technical security controls and periodic inspections of information systems
• Assessing and monitoring system compliance, auditing, security plan development and delivering information systems security education and awareness
• Investigating information system security violations and help prepare reports specifying corrective and preventative actions
• Conducting technical and administrative assessments
• Integrating new cybersecurity processes, procedures, and tools
• Support the creation, review and update of cybersecurity documentation and other technical writing

Benefits

• Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.