Information System Security Officer (ISSO)
Job Description
ReLogic Research, Inc. seeks a highly motivated, self-starting individual to join our team! ReLogic's central focus continually promotes a culture that stimulates personal, professional, and intellectual growth while developing elegant solutions to tough problems. We encourage teammates to be self-governing based on high standards of professionalism and judgment.
The Information System Security Officer (ISSO) will be responsible for supporting our Information Security (INFOSEC) Program. The ISSO will report to the Corporate Information System Security Manager (ISSM) on all information system security compliance aspects. The ISSO's primary duties will consist of managing the day-to-day compliance of both the classified and unclassified information systems and providing technical assistance and support to technical team members by:
Primary Responsibilities
Auditing information systems to ensure compliance with security policies and procedures while reporting any discrepancies to the ISSM
Performing Continuous Monitoring (ConMon) activities as required by the approved frequency
Performing Security Impact Analysis (SIA) and providing recommendations as part of the configuration Change Control Board (CCB) approval process
Managing user access and conducting user briefings as required
Assisting in the Risk Management Framework (RMF) and Cybersecurity Maturity Model Certification (CMMC) authorization processes by developing and maintaining artifacts
Ensuring Configuration Management (CM) of all associated hardware, software, and security-relevant functions is maintained and documented
Assisting with sanitization and release of hardware in accordance with security policies or DCSA Authorizing Official (AO) guidance
Testing/evaluation and application of required technical security controls, including performing certification tests and periodic inspections of information systems
Performing vulnerability scanning and patch remediation for the installed operating system, software, and firmware products
Maintaining and keeping current the site's Plan of Action & Milestone (POA&M) program
Assisting with classified spills/incident response or other security-related incidents
Assisting in daily requirements of industrial security
Providing technical assistance and support to technical team members for IT systems, including PCs, operating systems, hardware, software, and applications
Requirements & Desired Skills
Desired experience in RMF and eMASS package generation
Desired experience with Operational Technology (OT) in a secure environment
In receipt of a bachelor's degree and a minimum of 3 to 5 years of ISSO and/or IT experience
Current IAT Level II certification (e.g., Security+ CE, CySA, etc.) to satisfy DoDD 8140 (DoD 8570.01) requirements
Strong analytical, oral and written skills
Active Secret security clearance or ability to receive and maintain clearance
Familiarity with Facility Security requirements for DoD
Experience in navigating and utilizing Enterprise Mission Assurance Support Service (eMASS)
Experience with classified wide area networks (e.g., MDACNet, SIPRNet, DSWAN, etc.)
Experience with DISA Security Technical Implementation Guides (STIGs), STIG Viewer, and industry tools for vulnerability remediation and tracking
ReLogic's policy is to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, gender (including pregnancy or childbirth), sex, sexual orientation, gender identity, gender expression, national origin, age, citizenship, disability, military obligation, or any other characteristic protected by law. In cases of disability, ReLogic follows the Americans with Disabilities Act (ADA). ReLogic prohibits and does not tolerate discrimination or harassment.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.