Information System Security Officer (ISSO) for Innovative Defense Technologies (IDT) in Fall River, Massachusetts (salary not disclosed) STIG
Description/Background Info Innovative Defense Technologies (IDT), a provider of automated software...
Description/Background Info
Innovative Defense Technologies (IDT), a provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking an Information System Security Officer (ISSO) to support its Fall River, MA office.
Overview:
An Information System Security Officer (ISSO) is a key member of the security team that supports the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Defense Assessment and Authorization Process Manual (DAAPM) and other applicable policies and regulations.
All applicants must currently possess an active U.S. Security Clearance
Responsibilities Include:
- Coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for classified information systems
- Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility
- Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures
- Support ISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators for each enclave
- Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
- Conduct assessments and periodic testing of information systems security requirements, evaluate current security posture and recommend priorities for remediation; provide corrective action responses as they pertain to self-inspections
- Support ISSM in the development and documentation of the Plan of Action and Milestones (POA&M) for each Classified IS enclave and produce actions to mitigate identified risks
- Perform tasks related to the Continuous Monitoring (ConMon) plans that include auditing, software and hardware configuration management updates, and vulnerability assessments
- Ensure all systems are operated and maintained in accordance with documented security policies and procedures
- Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
- Support the System Administrators (SAs) and ISSM on reviews of quarterly STIG compliance as it relates to Operating Systems and applications
- Assist SAs with implementation of user additions, deletions, and changes on the classified IS when required or SAs are unavailable
- Support the preparation and demonstration of compliant classified IS’s in advance of a DCSA assessments
- Ability to travel up to approximately 10%
- Other duties as assigned
- Minimum Required Qualifications:
- A bachelor’s degree in Engineering, Computer Science, Information Technology, or equivalent
- 5 or more years of relevant experience, preferably in a security position
- DoD Directive 8140.03 (previously DoD 8570): candidate must meet the requirements of an IAT Level II as a condition of employment.
- Required Skills:
- eMass experience
- RMF Continuous Monitoring Tooling and Systems (ACAS/Tenable, STIGViewer, etc)
- SIEM tools (Wazuh, Splunk, SolarWinds Security Event Manager)
- Cybersecurity tools (Tenable Security Center, Trellix ePO, Tanium, WSUS, RedHat Satellite)
- Linux (Red Hat)
- National Industrial Security Program Operating Manual (NISPOM), The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
- Preferred Skills:
- Writing Policy and Procedure documentation
- Experience in working on classified systems in a DCSA accredited environment
- DCSA Authorization and Assessment Experience
- NIST 800-53 Security Control Experience
- ESXi OS
- Experience with tactical systems, virtualization
- Competencies:
- Excellent verbal and written communication skills
- Attention to detail with high level of accuracy and confidentiality
- Initiative, reliability, teamwork and customer service orientation
For more info: https://hubs.la/Q02BPGNR0