Apogee Research, LLC
Cyber Security Specialist/ISSO
Apogee Research, LLC, Arlington, Virginia, United States, 22201
About the Company:
Apogee Research brings cutting-edge research into practice for the DoD community. We blend agility with rigor to develop new technologies and transition them for operational use. Founded in 2012, Apogee Research brings together cross-discipline teams to solve difficult and often deemed impossible problems across a range of different technical domains. At Apogee Research we work hard, we get things done, and we do it together.
About the Role:
Apogee Research is looking to hire a Cyber Security Specialist/Information Systems Security Officer to provide comprehensive information systems security support to a Department of Defense customer. This position will be responsible for providing day-to-day systems security operations support by ensuring that operational security is maintained for the assigned information systems. This position requires working knowledge of secure Government enterprise level information systems and networks, isolated standalone networks, security policies, technical security safeguards, and operational security measures.
Responsibilities:Ensure users follow established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with internal security policies and Department of Defense (DoD) regulations.Interpret, review, maintain information Systems Security Plans (SSPs), Security Control Traceability Matrix (SCTM), assessments and authorizations in accordance with DoD mandated policies.Participate in and support assessments of various classified and Controlled Unclassified Information networks.Troubleshoot user accounts and network issues, perform backups, assist with Assured File Transfers, ensure the integrity of security configurations, and the removal of decommissioned information systems.Identify information systems vulnerabilities, recommend and or implement countermeasures for controlled and secure network resources.Develop a comprehensive Risk Management Framework (RMF) package including SSPs, Enterprise Sub-System packages, Information Continuous Security Monitoring Plans, and Body of Evidence to support system authorization in coordination with Program Managers, Information Systems Security Manager, and Government Customer Security Control Accessors.Load and configure secure Sectera vIPer phones and associated encryption keys.Review and analyze system audit logs to identify anomalous activity and potential threats to controlled and secure network resources.Conduct and monitor cyber awareness and information systems training sessions for company employees.Perform security audits on all systems assigned to validate proper use.Ensure information systems documentation (i.e., training records, user agreements, system baseline, SSPs etc.) are kept current.Coordinate with program stakeholders, the ISSM, Contract Program Security Officer (CPSO)/Facility Security Officer (FSO) IT Manager and team members to define, implement and maintain an acceptable information systems security posture.Provide support to the ISSM in responding to security compliance incidents and, investigating and reporting security violations and incidents, as appropriate.Develop and maintain a Plan of Action and Milestones (POA&M) for all security related vulnerabilities and provide recommendations to the ISSM on correcting vulnerabilities associated with required security controls.Qualifications:
Bachelor’s degree in computer engineering, computer science, information systems, or related field of study. May substitute 4 years hands on experience in lieu of degree.Five to eight years of relevant security experience for large-scale IT and database systems comprised of a multi-tier architecture and the integration of complex commercial software products.Three to five years’ experience configuring Red Hat, other Linux distributions and Windows based operating systems to conform to selected Security Technical Implementation Guides.Knowledge and experience with technical and configuration standards relating to information system security; prefer experience configuring Windows Server operating systems, thin client architecture, system virtualization and other related peripherals.Experience with certification/authorization requirements as outlined in the NISPOM, RMF JISG, ICD 503, NIST SP 800-53 Rev 4/5, NIST SP 800-171, DoD STIG Overlays, and other USG IS/Security-related policies.Ability to obtain and maintain DoD 8140.01 (formerly 8570.01-M) certification at IAT Level 1 or 2, in one or more of the following: CAP, CND, CompTIA Security+, and CompTIA CySA+.Possess a high degree of creativity, originality, and initiative requiring minimal supervision.Preference given to candidates with experience working in a Research & Development environment.Must have an active Top-Secret clearance.
About Apogee Research
Apogee Research offers flexible work schedules and a comprehensive benefits package that includes health, dental, vision, life, and disability insurance, FSAs, paid vacation, sick leave, and paid holidays. Conveniently located in Arlington, VA, we are a short walking distance from the Ballston Metro station. We offer the choice of paid garage parking or a contribution towards a transit account.
Apogee Research, LLC is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factors.
Apogee Research brings cutting-edge research into practice for the DoD community. We blend agility with rigor to develop new technologies and transition them for operational use. Founded in 2012, Apogee Research brings together cross-discipline teams to solve difficult and often deemed impossible problems across a range of different technical domains. At Apogee Research we work hard, we get things done, and we do it together.
About the Role:
Apogee Research is looking to hire a Cyber Security Specialist/Information Systems Security Officer to provide comprehensive information systems security support to a Department of Defense customer. This position will be responsible for providing day-to-day systems security operations support by ensuring that operational security is maintained for the assigned information systems. This position requires working knowledge of secure Government enterprise level information systems and networks, isolated standalone networks, security policies, technical security safeguards, and operational security measures.
Responsibilities:Ensure users follow established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with internal security policies and Department of Defense (DoD) regulations.Interpret, review, maintain information Systems Security Plans (SSPs), Security Control Traceability Matrix (SCTM), assessments and authorizations in accordance with DoD mandated policies.Participate in and support assessments of various classified and Controlled Unclassified Information networks.Troubleshoot user accounts and network issues, perform backups, assist with Assured File Transfers, ensure the integrity of security configurations, and the removal of decommissioned information systems.Identify information systems vulnerabilities, recommend and or implement countermeasures for controlled and secure network resources.Develop a comprehensive Risk Management Framework (RMF) package including SSPs, Enterprise Sub-System packages, Information Continuous Security Monitoring Plans, and Body of Evidence to support system authorization in coordination with Program Managers, Information Systems Security Manager, and Government Customer Security Control Accessors.Load and configure secure Sectera vIPer phones and associated encryption keys.Review and analyze system audit logs to identify anomalous activity and potential threats to controlled and secure network resources.Conduct and monitor cyber awareness and information systems training sessions for company employees.Perform security audits on all systems assigned to validate proper use.Ensure information systems documentation (i.e., training records, user agreements, system baseline, SSPs etc.) are kept current.Coordinate with program stakeholders, the ISSM, Contract Program Security Officer (CPSO)/Facility Security Officer (FSO) IT Manager and team members to define, implement and maintain an acceptable information systems security posture.Provide support to the ISSM in responding to security compliance incidents and, investigating and reporting security violations and incidents, as appropriate.Develop and maintain a Plan of Action and Milestones (POA&M) for all security related vulnerabilities and provide recommendations to the ISSM on correcting vulnerabilities associated with required security controls.Qualifications:
Bachelor’s degree in computer engineering, computer science, information systems, or related field of study. May substitute 4 years hands on experience in lieu of degree.Five to eight years of relevant security experience for large-scale IT and database systems comprised of a multi-tier architecture and the integration of complex commercial software products.Three to five years’ experience configuring Red Hat, other Linux distributions and Windows based operating systems to conform to selected Security Technical Implementation Guides.Knowledge and experience with technical and configuration standards relating to information system security; prefer experience configuring Windows Server operating systems, thin client architecture, system virtualization and other related peripherals.Experience with certification/authorization requirements as outlined in the NISPOM, RMF JISG, ICD 503, NIST SP 800-53 Rev 4/5, NIST SP 800-171, DoD STIG Overlays, and other USG IS/Security-related policies.Ability to obtain and maintain DoD 8140.01 (formerly 8570.01-M) certification at IAT Level 1 or 2, in one or more of the following: CAP, CND, CompTIA Security+, and CompTIA CySA+.Possess a high degree of creativity, originality, and initiative requiring minimal supervision.Preference given to candidates with experience working in a Research & Development environment.Must have an active Top-Secret clearance.
About Apogee Research
Apogee Research offers flexible work schedules and a comprehensive benefits package that includes health, dental, vision, life, and disability insurance, FSAs, paid vacation, sick leave, and paid holidays. Conveniently located in Arlington, VA, we are a short walking distance from the Ballston Metro station. We offer the choice of paid garage parking or a contribution towards a transit account.
Apogee Research, LLC is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factors.