IPSecure Inc
Information System Security Officer (ISSO)
IPSecure Inc, Melbourne, Florida, United States, 32935
Information System Security Officer (ISSO) - TS/SCI Clearance Required - Location: Patrick SFB, Melbourne, FL
Job Description
IPSecure is seeking an Information System Security Officer to provide Risk Management Framework (RMF) support. We want you to join our qualified and diverse team of professionals where you can apply your talents to take our team to new levels of performance. This position primarily supports collateral Top Secret and below programs performing all aspects of DoD RMF activities. The successful candidate possesses experience ranging from documenting, implementing, and assessing security controls to performing system monitoring and compliance assessment activities. We need a team player who enjoys expanding and sharing their knowledge and training others. You will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program.
ResponsibilitiesWork as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO's) using Microsoft products such as Word, Excel, PowerPoint, and Visio.Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals.Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities.Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the ISSM when changes occur that might impact system authorization posture.Supports the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones. Coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment.Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M).Ensures the integration of cybersecurity into, and throughout the lifecycle of the IT, on behalf of the ISSM and ISO.Ensure the development and implementation of an effective information security education, training, and awareness program.Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification.Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides).Reports security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.Basic Qualifications
Bachelor's degree, Cybersecurity or other related field and 3+ years of experience, or Master's degreeActive Top Secret security clearance w/SCIExperience working in information assurance or cybersecurity roles supporting classified DoD environmentsDoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)Security+ w/CE's certificationWorking knowledge of NIST 800-53 controls and RMFExperience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker)Preferred Qualifications
Additional training and/or certifications may be required within 6 months of hireProven communication skills to coordinate with program/site leads as well as government staff and mission partners
Benefits
Medical, Dental, Vision (company paid for employee and dependents), Paid Time Off, Sick Leave, Paid Federal Holidays, Education and Certification Reimbursement Program, 401(k) retirement plan with safe harbor employer match after 3 months, Prepaid legal plan and ID protection plan available, Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available.
EEOC Statement
IPSecure is an Affirmative Action Employer and does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.
Job Description
IPSecure is seeking an Information System Security Officer to provide Risk Management Framework (RMF) support. We want you to join our qualified and diverse team of professionals where you can apply your talents to take our team to new levels of performance. This position primarily supports collateral Top Secret and below programs performing all aspects of DoD RMF activities. The successful candidate possesses experience ranging from documenting, implementing, and assessing security controls to performing system monitoring and compliance assessment activities. We need a team player who enjoys expanding and sharing their knowledge and training others. You will be involved in all aspects of cybersecurity operations and will partner with program/site leads as well as government staff and mission partners to maintain an effective information security program.
ResponsibilitiesWork as part of an integrated team to develop and maintain RMF body of evidence documentation (example: System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, ATO's) using Microsoft products such as Word, Excel, PowerPoint, and Visio.Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals.Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities.Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the ISSM when changes occur that might impact system authorization posture.Supports the CISO, PM, ISSM or ISO in maintaining current authorization to operate, and approval to connect, and in implementing corrective actions identified in the plan of action and milestones. Coordinates, with the CISO, PM, ISSM and AO staffs, development of an IS Configuration Management strategy and monitor any proposed or actual changes to the system and its environment.Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M).Ensures the integration of cybersecurity into, and throughout the lifecycle of the IT, on behalf of the ISSM and ISO.Ensure the development and implementation of an effective information security education, training, and awareness program.Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed and coordinate any additions, changes or modifications to hardware, software, or firmware with the ISSO/ISSM prior to the addition, change or modification.Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides (STIG)/security requirement guides).Reports security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.Basic Qualifications
Bachelor's degree, Cybersecurity or other related field and 3+ years of experience, or Master's degreeActive Top Secret security clearance w/SCIExperience working in information assurance or cybersecurity roles supporting classified DoD environmentsDoD 8570 IAM Level I (Security+) or higher baseline certification (CISSP preferred)Security+ w/CE's certificationWorking knowledge of NIST 800-53 controls and RMFExperience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (example: Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker)Preferred Qualifications
Additional training and/or certifications may be required within 6 months of hireProven communication skills to coordinate with program/site leads as well as government staff and mission partners
Benefits
Medical, Dental, Vision (company paid for employee and dependents), Paid Time Off, Sick Leave, Paid Federal Holidays, Education and Certification Reimbursement Program, 401(k) retirement plan with safe harbor employer match after 3 months, Prepaid legal plan and ID protection plan available, Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available.
EEOC Statement
IPSecure is an Affirmative Action Employer and does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.