Information System Security Officer (ISSO)
Description:
Job Description
Description
Innovative Defense Technologies (IDT), a leading defense technology company, is seeking an Information System Security Officer (ISSO) to be part of our Security team and based out of our Fall River, MA location.
The Information System Security Officer (ISSO) is a key member of the security team that will support the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The Fall River ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Assessment and Authorization Guide (DAAG) and other applicable policies and regulations.
Clearance & Location Requirements:
All applicants must currently possess an active Secret U.S. Security Clearance.
This is an on-site position. Requiring 5 days in office, based out of our Fall River, MA location.
What You Will Do:
Familiarity with the Defense Counterintelligence Security Agency (DCSA) Assessment and Authorization Guide (DAAG) roles and responsibilities for the ISSO, as outlined in Section 3.7
Coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for classified information systems
Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility IAW the DCSA DAAG, assigned NIST 800-53 controls, and other guidance as assigned by the ISSM.
Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures
Review of network device System Log (syslog) information to correlate to system level activity across multiple information systems.
Support ISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators
Support ISSM in the development and documentation of the Plan of Action and Milestones (POA&M) and produce actions to mitigate identified risks
Perform Continuous Monitoring (ConMon) tasks as assigned by the ISSM and documented within the System Security Plan
Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
Administration of STIG compliance as it relates to Operating Systems and applications
Facilitate and track all Information System Account requests and expirations for Internal Users and Visitor accounts
Responsible for the preparation and demonstration of compliant classified IS’s in advance of a DCSA assessments
Identity and Authorization Management, including user, group, and role on both Windows and Linux systems.
Actively participate in the development and implementation of effective IS security
Who You Are (Required):
Bachelor's degree in Information Systems or Cybersecurity, or equivalent full-time professional experience
3+ years of professional experience within Information Security or related roles.
Required Certification: Security+ CE, or equivalent Level I or II IAT/IAM DoD 8140 certification
Ability to travel up to 10% of the time needed
Experience with Assessment & Authorization efforts for DCSA ATO management, including hands on eMASS experience
Experience with RMF Continuous Monitoring Tooling and Systems (ACAS/Tenable, STIGViewer, SCAP Compliance Checker, etc.)
Proficiency with SIEM tools (Wazuh, Splunk, SolarWinds Security Event Manager)
Experience with Cybersecurity tools (Tenable Security Center, Trellix ePO, Tanium, WSUS, RedHat Satellite)
Ability to manage users on both Linux and Windows environments, role-based access control (RBAC), security policies (GPO’s, SELinux, etc.), domain management (Active Directory, DNS, File Server, etc.), STIG/hardening actions, Troubleshooting (Event Viewer, top, netstat, systemctl, etc.)
Familiarity with National Industrial Security Program Operating Manual (NISPOM), The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirement
What Makes You Stand Out:
Preferred Certifications: CySA+, CASP+ CE, CISA, CISM, CISSP
Experience writing policy and procedure documentation
Experience in working on classified systems in a DCSA accredited environment
DCSA Authorization and Assessment Experience
NIST 800-53 Security Control Experience
Experience with tactical systems, virtualization
If you see yourself reflected in this role and are excited about the impact you could make, we encourage you to apply! If you know someone who may be a great fit, please feel free to share this opportunity with your network.
Pay Range*: $90,000.00 - $150,000.00
This amount may not be reflective of actual compensation that may be earned as pay is dependent on a candidate’s experience, skills, and education. The posted range does not include bonuses, commissions, tips, or other benefits. IDT is often looking to place multiple candidates at various levels. Therefore, more than one pay range has been included, commensurate with experience.
Why Work at Innovative Defense Technologies (IDT):
IDT is a growing company with a vibrant, entrepreneurial culture. We are headquartered in Arlington, VA with additional offices in Fall River, MA; Mount Laurel, NJ; and San Diego, CA. At each location, our employees work together in a modern, snack-filled, and social office space, designing innovative solutions for our defense industry customers. We offer employees competitive pay and benefits including:
Generous benefits package
Competitive PTO
Paid holidays
401(k) with immediate vesting and matching
9/80 optional schedule (2nd and 4th Friday off every month)
Tuition Assistance Reimbursement Program
Professional Development Resources
Pre-Tax Commuter Benefits
Organization-Wide Monthly Tech Connect Events
Annual Employee Recognition Awards
Regular Social Events and Catered Lunches
EEO Statement:
IDT is an Equal Opportunity employer.
Full-time