Information Systems Security Officer (ISSO) - Active Clearance Required
Find your job at www.LoveYourJob.com
Job Title: Information Systems Security Officer (ISSO)
Location: Lexington, MA
Duration: Direct Hire
*Applicants must possess an active Top Secret Security Clearance without incident for access to classified information.
POST-OFFER BACKGROUND CHECK IS REQUIRED. An essential function of this job is physical attendance. Digital Prospectors is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
The Security Services Department's overall mission is to ensure a safe and secure environment and protect the Laboratory at all facilities in which staff members perform their mission of research and development. To accomplish this mission, this department formulates and implements policies, plans, and actions designed to protect facilities against threats of vandalism, accidental destruction, and sabotage; and safeguards personnel, classified and unclassified information systems, personal identifiable information, property, and other assets from exploitation and recruitment by foreign intelligence agencies.
The Information Systems Security Officer (ISSO) – IT IC Level 3 (Special Programs) will provide information systems security support to several independent Laboratory programs.
The successful candidate will work independently and as a team member, must be a quick learner, self-motivated, reliable, and able to balance multiple tasks simultaneously. Candidate must have strong interpersonal skills and be able to manage stress in a professional manger. Candidate must be knowledgeable in computer security principles and policies, to include, Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), NIST 800-53 / Risk Management Framework (RMF), Joint SAP Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, and DoD Manual 5205.07 Volumes 1- 4. Candidate must have strong technical skills and be able to respond to off-hours emergencies. Position requires occasional local and overnight travel.
- Assist and Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
- Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
- Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.
- Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stake holders
- Recognize a possible security violation and take appropriate action to report the incident, as required.
- Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
- Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures
- Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation
- Lead and align information technology (IT) security priorities with the security strategy.
- Prepare for and participate in periodic organization compliance assessments
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
- BS degree in Information Security, Computer Science, Cybersecurity, Information Technology, Computer Information Systems, or related discipline is required
- A minimum of 4 years of IT security experience in DoD Information Security is preferred
- Possess a DoD 8570.01-M IAM I baseline certification (e.g. CompTIA Security+), or be able to obtain one within 6 months of hire
- Technical experience, skills, and course work completed towards an Undergraduate Degree, or industry IT certifications may be considered in lieu of education or DoD security experience requirements
- Demonstrated understanding of the following security frameworks is required:
- NIST 800-53 / Risk Management Framework (RMF)
- Joint SAP Implementation Guide (JSIG)
- Intelligence Community Directive (ICD) 503
- National Industrial Security Program Operating Manual (NISPOM) Chapter 8
- DoD Manual 5205.07 Volumes 1- 4
- Experience and familiarity with multiple operating systems such as Windows Server 2012, 2016 and 2019, Windows 7 and 10, Red Hat Enterprise Linux, Ubuntu, Mac, etc.
- Experience with virtualization and Cloud technologies is preferred
- Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements).
- Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs is highly desired
- Demonstrated experience with vulnerability scanning and auditing tools and processes is required
- Excellent written and verbal communication skills are required
- Selected candidate will be subject to a pre-employment background investigation and possess a current in scope Top Secret level security clearance with compartmental program eligibility.
Our client, one of the most prestigious Research and Development Labs in the country, is working on solutions to our nation's most complex defense and commercial related challenges. We have placed hundreds of talented engineers with this client over the years - If you are qualified - we can get you in!!!
The mission is critical and the work is as cutting-edge as it is rewarding. The teams are superbly managed groups of world class engineers from all types of interesting and diverse backgrounds - AND THEY ARE HIRING!
Make this your next career move as one of our many long-term contractors or employees!
Work as our full-time employee with full benefits (Medical, Dental, Vision, STD, LTD, PTO, Retirement, etc.) - OR - work as a W2 hourly contractor at a higher pay rate if you don't need the benefit package.
ABOUT DIGITAL PROSPECTORS:
Founded in 1999, Digital Prospectors is an award-winning recruiting and consulting firm that specializes in placing contract, contract-to-hire and direct hire engineers into rewarding opportunities with our impressive and ever-growing client base. We believe that all people should love their jobs.
Come see why Digital Prospectors has been voted “Best Staffing Firm to Temp For” by Staffing Industry Analysts, "Best of Staffing" for candidate satisfaction by Inavero / CareerBuilder.com, "Top Temporary Placement Firm" by Boston Business Journal, "Best Company To Work For" by Business NH magazine, "Excellence in IT and Engineering Staffing” by TechServe Alliance, "Top IT Services Company" by Inc. Magazine, "Most Reliable Staffing Agency" in Forbes Magazine and "Top Ranked Staffing Firm" by Staffing Industry Analysts.