- The ISSO will be responsible for the implementation of the information assurance program in accordance with DoD , and the Joint SAP Implementation Guide (JSIG). Responsibilities include:
- Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
- Evaluate emerging cybersecurity technologies for integration into multiple enterprise systems.
- Assess system vulnerabilities for security risks and propose / implement risk mitigation strategies.
- Assist the government in preparing documentation supporting Authority to Operate (ATO) requirements for developmental hardware, software, and facilities.
- Support cyber forensics, system security engineering, integration management solutions, and mitigation strategies to reduce high cyber-attack risks.
- Plans for obtaining all necessary authorization and connection approvals, and interface with senior policy and accrediting authorities across various DoD services and Combatant Commands to ensure the safe operation and/or accreditation of complex systems.
- Support COMSEC requirements.
- Ensures that appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
- Ensure that proper response to computer security breaches, incidents and viruses are enacted. Apply principles and techniques of cyber hygiene, engineering, and cyber security analysis.
- Develop a NIST series compliant Contingency/Disaster Recovery Plan.
- Develop Incident Response procedures.
- Manage and maintain Plan of Actions and Milestones (POA&M) documentation for program office and supporting sites to ensure required actions are completed and on time.
- Support successful Assessment and Authorization (A&A) events in support of program office efforts.
- Review/create certification test plans for Information Systems.
- Develop a Network Access Control Policy for a WAN environment.
- Manage security program scope, schedule and risks as it pertains to SP
- Establish and apply tools and techniques to implement cybersecurity controls and referenced in NIST SP
- Conduct security assessments of the multiple networks.
- High School Diploma
- A DoD 8140/8570 Information Assurance Management (IAM) Level I Cyber Security certification (CAP, GSLC, CND, or Security +) is required.
- Minimum 3 years' experience
- Experience utilizing ACAS / Nessus Security Center.
- Experience performing audit reviews via third party software or OS embedded capability.
- Experience authoring Risk Management Framework documentation (SSP, POA&M, SCTM, RAR,)
- ACAS, STIG/SCAP, MS Office Suite (Word, Excel, PowerPoint)
Information Systems Security Officer - Patuxent River, United States - V2X Inc
Description
In this position the candidate will be responsible for ensuring appropriate operational security posture is maintained for multiple systems and will perform cybersecurity analysis and support required to maintain Risk Management Framework (RMF) Assessment and Authorization (A&A) packages. The position will be based at our customer site at NAS Patuxent River, MD.
Responsibilities:
Qualifications:
Education/Certifications:
One year related experience may be substituted for one year of education, if degree is required.
Experience:
Skills:
We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.