
Information System Security Officer – ISSO


Company: RTX
Location: Cambridge, MA, USA
Salary: $90000 – $182000
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Mid Level, Senior

Requirements

  • Bachelor’s Degree with 5 years of experience managing and implementing security program requirements in a classified R&D environment, or an advanced degree with 3 years of experience working in Industrial Security, Information Assurance/Cyber, Special Programs, military or government information security programs, or an additional 5 years of related experience in lieu of a degree
  • Active and transferable Top Secret U.S. government security clearance is required prior to start date
  • Compliance-based auditing using the Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), Joint SAP Implementation Guide (JSIG), National Industrial Security Program Operating Manual (NISPOM)
  • Certifications equivalent to or exceeding DoD 8570.01-M IAM Level II functional and baseline certification requirements
  • Knowledge and/or experience with STIGs, SCAP, Splunk or other system hardening and compliance, vulnerability assessment, and/or SIEM tools
  • Ability to obtain access to Special Access Programs
  • Must have Top Secret clearance and the ability to obtain a TS/SCI CI Poly Clearance
  • Security+

Responsibilities

  • Assist the Information System Security Manager (ISSM) to provide oversight for the information systems security control methods, mitigations, and tools throughout a system’s lifecycle in compliance with U.S. Department of Defense (DoD) security laws, regulations and guidelines
  • Participate in projects, guide and counsel internal customers, assist in developing and maintaining cross-security enclave processes and standards, and provide training and guidance on tools and methods to other members of the cybersecurity team
  • Primarily responsible for system compliance, auditing, security plan development and delivering information systems security education and awareness
  • Assist in investigating information system security violations and help prepare reports specifying corrective and preventative actions
  • Routinely collaborate with the facility security team, program personnel, and government representatives
  • Perform security sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.)
  • Assist in overseeing and managing the patch management process and execution across all RTX BBN security programs
  • Develop, update, and/or review RMF documentation to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), Risk Assessment Report (RAR), and Security Assessment Plan (SAP)

Preferred Qualifications

  • Experience in the execution of the Assessment & Authorization processes, as defined within the Risk Management Framework (RMF)
  • Experience working in DoD classified operating environments
  • Experience with various information system security tools that address vulnerability analysis and mitigation
  • Experience interpreting, implementing, and assessing DISA STIGs
  • Familiarity with the execution and management of cyber incident response: preservation, containment, and eradication
  • Desired certifications: CISM, CISSP