Senior Cybersecurity Information System Security Officer – ISSO
| Company | The Boeing Company |
|---|---|
| Location | Derby, KS, USA |
| Salary | $127500 – $172500 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer science, engineering data science, mathematics, physics, or chemistry or non-US equivalent qualifications. In the United States, the Accreditation Board for Engineering and Technology (ABET) is the preferred, although not required, accreditation standard.
- IAM Level 2 DoD 8570.01 compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC)
- 8+ years of experience in utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS
- 8+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM)
- 8+ years of experience in assessing and documenting test or analysis data to show cybersecurity compliance.
Responsibilities
- Develops and deploys program information security for assigned systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures
- Leads change management activities as assigned by the ISSM, assisting stakeholders (system administrators, etc.) with the declaration and documentation of ports, protocols and services required for the information system
- Participates in remanence security risk management processes
- Executes procedures that identify and mitigate the residual risk and risk tolerance
- Implements Risk Management Framework (RMF) processes, product development and product maintenance for assigned systems
- Performs security compliance continuous monitoring
- Leads security assessments and audits
- Prepares and presents technical reports and briefings
- Identifies root causes, prioritizes threats, and recommends/implements corrective action
- Provides mentoring and technical leadership within the information security program team
- Explores the enterprise and industry for the evolving state of industry knowledge and methods regarding information security standard methodologies
- Leads development of MTS information security policies, standards, guidelines and procedures that will affect other operating locations
- Leads compliance efforts for Defense Federal Acquisition Regulation Supplement (DFARS) and Cybersecurity Maturity Model Certification (CMMC) requirements based on contractual requirements for KC-46 MTS.
Preferred Qualifications
- Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC or CISM)
- 10+ years of experience with cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. DAAPM, CNSSI 1253, ICD-503, JSIG, and/or NIST SP 800 series
- 10+ years with the National Industrial Security Procedures and Operations Manual (NISPOM)