Information System Security Officer, Classified Cybersecurity

Job Description

This position requires a current Top Secret/SCI clearance.

The Cybersecurity Specialist will partner with the security team, program, and government customers to perform as an Information Systems Security Officer (ISSO).

In this role you will:

- Oversee day-to-day information system (IS) security operations including hardware and software implementations.
- Fulfill appointed Media Custodian role as requested/directed by the customer.
- Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily RMF.
- Auditing of the IS.
- Upkeep, monitor, analyze, and respond to network and security events.
- Document compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M) with the Information Systems Security Manager (ISSM) to address non-compliance in the allotted time frame.
- Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan.
- Ensure configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented in accordance with baseline.
- Ensure all information system security-related documentation is current and accessible to properly authorized individuals.
- Ensure records are maintained for workstations, software, servers, routers, firewalls, network switches, telephony equipment, etc. throughout the information system's life cycle.
- Evaluate proposed changes or additions to the information system, and advise the ISSM of their security relevance.
- Assist and conduct security IS education.
- Participate in internal/external security audits/inspections; perform risk assessments.
- Inform ISSM on technical IS security matters.
- Assist in conducting investigations of computer security violations and incidents, reporting as necessary to both the Program Security and Program Managers.
- Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered.
- Communicate, implement and manage a formal Information Security/Information Systems Security Program together with ISSM and Program Security.
- Implement and enforce Information Security Policies and Procedures together with ISSM and Program Security.
- Review and oversee RMF Package authorizations with the ISSM.

Desired skills

• Experience with obtaining and maintaining system Authority to Connect (ATO).
• Experience implementing new and complex technologies at multiple classification levels within large enterprise environments.
• DoD 8140/8570 IAM Level III certification.
• Ability to understand information systems equipment configurations.
• Experience working Assessment & Authorization (A&A) to completion.
• Experience with Graylog or Splunk.
• Experience with RHEL and Windows.
• Experience with Cisco and/or Juniper network devices.
• Have a Bachelor’s degree from an accredited college in a related discipline, or equivalent experience/combined education, with 5 years of professional experience; or 3 years of professional experience with a related Master’s degree.