Maxar Technologies
Sr. Information Systems Security Officer (ISSO)
Maxar Technologies, Herndon, Virginia, United States, 22070
Maxar is seeking solutions-oriented head Information Systems Security Officer (ISSO) to work in an agile and fast-paced customer environment supporting a user base with a mission to solve unique and challenging problems in support of national security. We are seeking an ISSO who can collaborate as a team partner with a dynamic full technology stack engineering team working on a large scale Government Information System (IS) in both operations and new development. The head ISSO shall be responsible for performing the activities necessary to ensure the security of systems as well as the security of information within those systems. The ISSO will be responsible for performing activities to respond to Government enterprise cyber security actions and maintain the IS compliance with enterprise security requirements. The ISSO will work on the accreditation and re-accreditation of Government ISs at multiple classification levels. The ISSO must possess technical, organizational, and teamwork skills necessary to support the security of complex US Government Information Systems.Note: US citizenship and an active TS/SCI clearance is mandatory for this position and required for consideration. Consideration to acquire CI Poly possible.Location:
Northern Virginia (Herndon or Springfield)Principal Responsibilities:Program Cyber Security Execution
Execute all aspects of the cybersecurity program for Government Information Systems at multiple classification levels including:
Conduct vulnerability scan analysis and remediation plan creation and coordinationWork collaboratively with the technical team to manage and execute the program Continuous Monitoring (CONMON) processWork with the team's Product Owners to drive cyber security awareness and requirements into the program development processWork with the team's Product Owners to gather, assess and manage cyber security artifacts collected during virtualization environment tenant onboardingWork with the ISSE and technical team to write and successfully execute Plans Of Action and Milestones (POA&Ms) to address cyber security issues and liensWork with the program ISSE, accreditors and other system stakeholders to accurately represent the program's cyber security posture to key Government decision makersWork with the program ISSE and technical team to develop and document security controls implementations and create IS accreditation packages to include:
Security Concepts of Operations (CONOPS)System Security Plans (SSPs)Business Continuity/Disaster Recovery Plans (BCDRPs)Controls Family Policy and Procedures documents
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).Acquire detailed system and programmatic knowledge while executing the cyber security program to develop subject matter expertise in the following areas
The technical architecture of the supported ISsThe organizational structure of the program's cyber security practiceThe documentation of the program's cyber security controlsThe missions supported by the programThe compliance requirements levied on the system by the Government enterprise
Experiences and Skills RequiredBachelor or Master degree in Information Technology, Information Assurance, Cyber Security or a related discipline plus 5+ years of experienceSecurity+ CE (SY0-601) or comparable certificationDemonstrated experience with DoD IA/Cybersecurity DirectivesWorking knowledge of the Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and how they are applied to ISsExperience using Tenable Assured Compliance Assessment Solution (ACAS) scanner or similar vulnerability scannersWorking knowledge of the Risk Management Framework (RMF) process as driven by ICD 503Working knowledge of the National Institute of Standards and Technology (NIST) Special Publication 800 seriesExcellent verbal and written communication skills with the team, stakeholders and GovernmentWillingness to work in a SCIF 90+%Active TS/SCI clearance and US citizenship (open to obtain CI polygraph)Additional Skills DesiredSome familiarity in these areas would be fabulous.Advance cyber security certifications such as Certified Systems Security Professional (CISSP), Global Information Assurance Certification, CISSP certification, DoD 8570 certification or similarDemonstrated experience working in the cyber security program of a large, multi-tiered, multi-classification level systemDemonstrated experience pre-empting, identifying and mitigating security incidentsDemonstrated experience working in a diverse, fast-paced, high-intensity team environmentFamiliarity with large scale virtualization environments and cloud computing systemsFamiliarity with Big Data and GIS systemsGeneral proficiency at the Linux command lineKnowledge of one or more scripting languages useful in the analysis and reduction of large data sets (Python, VBA or similar)Demonstrated experience with XACTA 360Demonstrated experience with Service+Familiarity with cyber security technology (SIEM tools, Firewalls, IDS, IPS, etc.)Salary Range:
$107,000.00 - $229,000.00 annually.We offer a comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees. You can find more information on our benefits at:
Maxar Benefits .This position will be posted for a minimum of three business days, and will be posted until a qualified candidate has been identified for hire.Maxar employees must follow all applicable Maxar policies and COVID-19 requirements as well as those of Maxar customers and third parties. Individual job requirements may vary, and Maxar reserves the right to modify its policies and requirements as it deems appropriate in accordance with applicable law.Maxar Technologies
values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
#J-18808-Ljbffr
Northern Virginia (Herndon or Springfield)Principal Responsibilities:Program Cyber Security Execution
Execute all aspects of the cybersecurity program for Government Information Systems at multiple classification levels including:
Conduct vulnerability scan analysis and remediation plan creation and coordinationWork collaboratively with the technical team to manage and execute the program Continuous Monitoring (CONMON) processWork with the team's Product Owners to drive cyber security awareness and requirements into the program development processWork with the team's Product Owners to gather, assess and manage cyber security artifacts collected during virtualization environment tenant onboardingWork with the ISSE and technical team to write and successfully execute Plans Of Action and Milestones (POA&Ms) to address cyber security issues and liensWork with the program ISSE, accreditors and other system stakeholders to accurately represent the program's cyber security posture to key Government decision makersWork with the program ISSE and technical team to develop and document security controls implementations and create IS accreditation packages to include:
Security Concepts of Operations (CONOPS)System Security Plans (SSPs)Business Continuity/Disaster Recovery Plans (BCDRPs)Controls Family Policy and Procedures documents
Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).Acquire detailed system and programmatic knowledge while executing the cyber security program to develop subject matter expertise in the following areas
The technical architecture of the supported ISsThe organizational structure of the program's cyber security practiceThe documentation of the program's cyber security controlsThe missions supported by the programThe compliance requirements levied on the system by the Government enterprise
Experiences and Skills RequiredBachelor or Master degree in Information Technology, Information Assurance, Cyber Security or a related discipline plus 5+ years of experienceSecurity+ CE (SY0-601) or comparable certificationDemonstrated experience with DoD IA/Cybersecurity DirectivesWorking knowledge of the Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) and how they are applied to ISsExperience using Tenable Assured Compliance Assessment Solution (ACAS) scanner or similar vulnerability scannersWorking knowledge of the Risk Management Framework (RMF) process as driven by ICD 503Working knowledge of the National Institute of Standards and Technology (NIST) Special Publication 800 seriesExcellent verbal and written communication skills with the team, stakeholders and GovernmentWillingness to work in a SCIF 90+%Active TS/SCI clearance and US citizenship (open to obtain CI polygraph)Additional Skills DesiredSome familiarity in these areas would be fabulous.Advance cyber security certifications such as Certified Systems Security Professional (CISSP), Global Information Assurance Certification, CISSP certification, DoD 8570 certification or similarDemonstrated experience working in the cyber security program of a large, multi-tiered, multi-classification level systemDemonstrated experience pre-empting, identifying and mitigating security incidentsDemonstrated experience working in a diverse, fast-paced, high-intensity team environmentFamiliarity with large scale virtualization environments and cloud computing systemsFamiliarity with Big Data and GIS systemsGeneral proficiency at the Linux command lineKnowledge of one or more scripting languages useful in the analysis and reduction of large data sets (Python, VBA or similar)Demonstrated experience with XACTA 360Demonstrated experience with Service+Familiarity with cyber security technology (SIEM tools, Firewalls, IDS, IPS, etc.)Salary Range:
$107,000.00 - $229,000.00 annually.We offer a comprehensive package of benefits including paid time off, health and welfare insurance, and 401(k) to eligible employees. You can find more information on our benefits at:
Maxar Benefits .This position will be posted for a minimum of three business days, and will be posted until a qualified candidate has been identified for hire.Maxar employees must follow all applicable Maxar policies and COVID-19 requirements as well as those of Maxar customers and third parties. Individual job requirements may vary, and Maxar reserves the right to modify its policies and requirements as it deems appropriate in accordance with applicable law.Maxar Technologies
values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
#J-18808-Ljbffr