Information Systems Security Officer (ISSO), Senior

About The Position

Requirements

• Bachelor’s degree in a related field and at least 10 years of relevant experience. Additional experience may be substituted for a degree
• TS/SCI security clearance
• Current DOD 8570 Information Assurance Technician "IAT" Level II certification
• Must have at least 8 years of experience as ISSO working independently, and/or on teams maintaining secure information system operations
• Must have at least 5 years of experience using tools to support IAVA management
• Must have at least 5 years of experience using tools to support the preparation, maintenance, and management of SSPs and other security related documentation
• Direct experience with patch management, continuous monitoring, and vulnerability scanning/remediation activities including implementing a continuous monitoring plan across multiple security domains
• In-depth knowledge of and experience with tools used for vulnerability assessments such as ACAS, Nessus, SCAP, etc.
• In-depth experience completing security evaluations of software systems or architectures to ensure they meet security requirements
• In-depth experience proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies, preferably on a large IT program
• Demonstrated experience performing day-to-day security operations of large, complicated information and information processing systems
• Proven hands-on experience with the eMASS platform, including system registration, managing security controls, and developing A&A packages.
• Must have active Top Secret clearance with SCI eligibility
• Bachelor’s degree or equivalent in the fields of mathematics, telecommunications, electrical engineering, computer engineering, or computer science
• 10 Years of relevant experience
• DoD 8570 IAT Level II certification

Nice To Haves

• Master's degree in IT or related field
• Previous SAP experience
• Prior experience as an ISSM or ISSE
• DoD 8570 IAT or IAM Level III certification
• Familiarity with cloud computing and related security concepts as well as cross-domain solutions

Responsibilities

• Provide support for implementing and enforcing information systems security policies, standards, and methodologies.
• Analyze threats and develop and implement best practice methodologies for incident detection, reporting, and vulnerability remediation.
• Serve as a focal POC between the project team and the accreditation office
• Review/assess network diagrams and schematics
• Review and interpret system vulnerability scans and work with project team to resolve security issues
• Resolve inconsistencies and irregularities in the submission of A&A documentation
• Conduct self-assessments and create and submit assessment reports analyzing organizational risk to the Government client
• Manage software and hardware compliance, systems certification and accreditation, patch management, and continuous monitoring/scanning
• Maintaining systems as well as working with SETA and development contractors to prepare SSPs and work through the A&A processes.
• Generate and continually review/update the Body of Evidence (BOE) and artifacts
• Evaluate security solutions to ensure they meet security requirements for processing information.
• Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system/program/enclave.
• Develop and update system security plans and other IA documentation.
• Support Information Assurance Vulnerability Alerts (IAVAs) management (initiating IAVA responses and system security scans, completing remediation, extending IAVA patches and security updates to designated sites, etc.)
• Maintain comprehensive eMASS records by managing system documentation, assigning and validating security controls, and overseeing the Plan of Action and Milestones (POA&M) to track and resolve system vulnerabilities.
• Safety - Amentum enforces a safety culture whereby all employees have the responsibility for continuously developing and maintaining a safe work environment. As appropriate, each employee is responsible for completing all training requirements and fulfilling all self-aid/buddy aid responsibilities, participating in emergency response tasks and serving on safety committees and teams.
• Quality - Quality is the foundation for the management of our business and the keystone to our goal of customer satisfaction. It is our policy to consistently provide services that meet customer expectations. Accordingly, each employee must conform to the Amentum Quality Policy and carry out job activities in compliance with applicable Amentum Quality System documents and customer contracts. Each employee must read and understand his/her Quality Management and Customer Satisfaction responsibilities.
• Procedure Compliance - Each employee must read, understand and implement the general and specific operational, safety, quality and environmental requirements of all plans, procedures and policies pertaining to his/her job.

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance