In order to apply for this or any other job you will need to log in.
The Information System Security Officer (ISSO) will be a key member of a team performing Cybersecurity Systems Engineering along with key functions supporting the Risk Management Framework (RMF) Assessment and Authorization (A&A) process for tactical systems.
The candidate will have the following responsibilities:
· Provide accurate technical evaluations of the software application, system, or network and documenting the security posture, capabilities, and vulnerabilities against applicable NIST controls.
· Selecting and implementing security controls, timely completion of accreditation packages, formulating and implementing mitigations and maintaining the security posture of systems.
· Identify, assess and mitigate system security threats/risks throughout a system’s lifecycle, validate system security requirements, formulate and maintain documentation and system certification and accreditation activities (planning, testing, assessing and coordinating).
· Documenting preliminary or residual security risks for system operation & manage and approve Authorization Packages.
· Monitoring and evaluating a system's compliance with Department of Defense (DoD) security, resilience, and dependability requirements including performing validation steps, comparing actual results with expected results and analyze the differences to identify impact and risks at the software application, system, and network levels.
· Work with team to provide solutions and to ensure continued functionality of systems within DoD RMF Framework
Additional duties as assignedIND3
· Degree: Bachelor’s Degree (engineering or another technical discipline)
· Experience creating and/or managing system eMASS package(s) to support system authorization.
· Experience with implementing and evaluating DoD STIG requirements, NIST RMF, IAVMs and Cybersecurity assessment tools (ACAS, Nessus, SCC, STIG Viewer)
· Knowledge of the Risk Management Framework (RMF) process, NIST security controls, and the Enterprise Mission Assurance Support Service (eMASS) is required.
· Knowledge of information system architecture and standards as they apply to cyber security
· Minimum 8570 IAT or IAM Level II Certification
· Ability to travel. Travel will be estimated around than 25% per year.
· Master’s Degree preferred
· 8570 IAT or IAM level III preferred (i.e. CISSP, CISA, CASP, GSLC, CAP, CASP, CISM)
· eMASS package and system continuous monitoring
· Experience in a DoD security environment preferred
· Candidates should have strong communication and writing skills; be able to work in a team-oriented environment supporting a diverse customer base comprised of program managers, engineers, analysts, specialists, and technicians; and strong attention to detail.
Candidate must be a US Citizen and possess (as well as maintain) a Final Secret Clearance.