Posted in

Information Systems Security Officer

Information Systems Security Officer

CompanyResearch Innovations
LocationMelbourne, FL, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
Degrees
Experience LevelMid Level, Senior

Requirements

  • Minimum 3 years of hands-on experience with Information Assurance/Cybersecurity architecture, requirements, determination, development, and implementation
  • Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGs) and/or USCYBERCOM
  • Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows and Linux
  • Experience with Information Assurance (IA) vulnerability testing and related network and system test tools; e.g., Security Content Automation Protocol (SCAP)
  • Experience with information security toolsets such as anti-virus, security information and event management (SEIM), and/or HIDS/ NIDS
  • Self-starter requiring limited direction and supervision
  • Experience implementing DoD and Federal Risk Management Framework, IA Certification and Accreditation Processes, IA controls and developing and maintaining associated certification and accreditation documentation
  • Assist in the implementation of the required government policy (i.e., DAAPM, NISPOM, JSIG), make recommendations on process tailoring, participate in and document process activities
  • Applying Defense Counterintelligence and Security Agency(DCSA) processes and National Industrial Security Program Operating Manual (32 CFR/NISPOM) requirements, Intelligence Community Directive (ICD)-503 publications, and the Committee on National Security Systems Instruction (CNSSI) 1253 to new or existing information systems

Responsibilities

  • Defining security requirements and design solutions, providing guidance and implementing direction related to security technologies
  • Applying Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 controls to obtain and/or maintain Authority to Operate for information systems
  • Participating in the development of technical and/or management controls and implementing services in accordance with NIST SP 800-171 requirements for protecting the Confidentiality of Controlled Unclassified Information (CUI)
  • Applying Defense Security Services (DSS) processes and National Industrial Security Program Operating Manual (NISPOM) requirements, Intelligence Community Directive (ICD)-503 publications, and the Committee on National Security Systems Instruction (CNSSI) 1253 to new or existing information systems
  • Performing analysis on security collected data and test results
  • Identifying and implementing security design and preparing and maintaining engineering and security related documentation
  • Providing technical advice related to system security, vulnerabilities, security architecture and security policies
  • Ensuring the rigorous application of information security information assurance policies and procedures
  • Working knowledge of classified environments and oversight on vulnerability assessments; defining, negotiating, and executing Assessment and Authorization (A&A) events
  • Conducting cyber security audits and risk assessments to ensure appropriate implementation and compliance of the security posture
  • Generating and maintaining information security documentation including Systems Security Plans (SSP) and related RMF artifacts
  • Scheduling, performing and maintaining records of required information system auditing, patching, maintenance, software/hardware changes, and malware scanning based on evolving threat/vulnerabilities and compliance requirements

Preferred Qualifications

  • Experience working in collateral closed spaces, SCIFs and/or SAPF.