Information Systems Security Officer

About The Position

Requirements

• 5+ years of experience supporting the Information Technology (IT) systems for a DoD or government agency
• 5+ years of experience supporting Navy Risk Management Framework (RMF) for classified and Special Access Program (SAP) systems, including Assessment and Authorization (A&A) activities and direct development of RMF artifacts and deliverables across all steps
• 5+ years of experience performing cybersecurity compliance testing using industry standard tools, including Assured Compliance Assessment Solution (ACAS), DoD Security Technical Implementation Guides (STIG), Evaluate-STIG, and SCAP
• Experience with event correlation analysis, alert triage, log integrity checks, anomaly detection, performance validation, processing account request, auditing group memberships and reviewing account changes, assuring adherence to media control policies, preventing unauthorized data exposures, and maintaining system compliance with SAP policies
• Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, intrusion prevention systems, vulnerability scanners, and penetration tools
• Ability to devise and execute client deliverables, work independently, identify problems and devise analysis and solutions, communicate results, and lead the accomplishments of client tasks from inception to completion
• TS/SCI clearance with a polygraph
• HS diploma or GED
• DoD 8140 Certification

Nice To Haves

• Experience with eMASS
• Experience with Grafana
• Experience as a Navy Qualified Validator
• Knowledge of DoD enterprise and tactical networks, including Security Operations Center (SOC) and battlespace management systems
• Knowledge of systems engineering, information technology, cloud architecture, and virtualization
• Ability to learn new technologies, implement updated rigorous security controls, and articulate industry best practice cybersecurity and threat-based cybersecurity frameworks and trends
• Bachelor’s degree in a Technology field
• Linux OS Certification
• CISSP, CEH, or CISA Certification

Responsibilities

• Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
• Implement infrastructure and cybersecurity controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
• Perform risk and vulnerability assessments in network, system, and application areas.
• Leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.

Benefits

• Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
• Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
• Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.