Information Systems Security Officer (ISSO)

Overview:

Own Your Future.

Modern Technology Solutions, Inc. (MTSI) is seeking a Information Systems Security Officer (ISSO) in Dayton, Ohio.

Why is MTSI known as a Great Place to Work?

Interesting Work: Our co-workers support some of the most important and critical programs to our national defense and security.

Values: Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.

100% Employee Ownership: we have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.

Great Benefits - Most Full-Time Staff Are Eligible for:

Starting PTO accrual of 20 days PTO/year + 10 holidays/year

Flexible schedules

6% 401k match with immediate vesting

Semi-annual bonus eligibility (July and December)

Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account

Up to $10,000 in annual tuition reimbursement

Other company funded benefits, like life and disability insurance

Optional zero deductible Blue Cross/Blue Shield health insurance plan

Track Record of Success: We have grown every year since our founding in 1993

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance.

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit .

Responsibilities:

Position Overview

Modern Technology Solutions, Inc. (MTSI) is seeking an experienced Information Systems Security Officer (ISSO) who will be responsible for maintaining compliance with applicable security regulations, leading the Information Assurance program for various classified information systems, and performing site-level Information Technology support in a customer facility.

Roles and Responsibilities

• Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures.

• Generate and maintain required IS security documentation including Systems Security Plans (SSP), Information Assurance Standard Operating Procedures (IA SOP), Continuous Monitoring Plans, Security Control Traceability Matrices, Risk Assessments, Plan of Action & Milestones (POA&Ms), common vulnerabilities and exposures (CVEs), security technical implementation guides (STIGs), equipment specifications, practices, and procedures.

• Maintain customer-required Information Assurance (IA) certifications.

• Maintain day-to-day security posture and continuous monitoring of classified Information Systems (ISs).

• In coordination with IT, schedule, perform and maintain records of required IS auditing, software/hardware changes, and vulnerability scanning based on customer compliance requirements.

• Develop and conduct test procedures for verification Assessment and Authorization (A&A), Risk Management Framework (RMF) safeguards to meet customer requirements based upon ICD-703 and related NIST publications.

• Employ customer-approved procedures for sanitizing and releasing system components and media.

• Maintain a repository of security authorizations for ISs under the office’s purview.

• Assess changes to an IS by performing periodic self-inspections, tests, and reviews of the IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed; ensure corrective actions are taken for identified findings and vulnerabilities.

• Perform threat hunting, researching findings, validating that technical security controls have been implemented properly, audit analysis, vulnerability management, software assessment, monitoring network performance in real-time, incident response/clean up, and developing the POA&Ms for those items.

• Maintain a working knowledge of IS functions, security policies, technical security safeguards, and operational security measures Coordinate with Facility Security Officer (FSO) and Contractor Program Security Officer (CPSO) to define, implement and maintain information security policies, strategies, and procedures.

• Implement policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents.

• Ensure the development, documentation, and presentation of classified IS security education, awareness, and training activities.

Qualifications:

• CompTIA Security+ certification. (EC-Council Certified Ethical Hacker/CEH, CompTIA Cybersecurity Analyst/CySA+ desired)

• 5-8 years of experience working in an IA-related field and/or 3-5 years of experience in IT with a heavy emphasis on defensive cyber operations (DCO) related tasks (Security Information and Event Management ((SIEM)) – Splunk or SolarWinds, Network Defense, Continuous Monitoring ((ConMon)), Data Loss Prevention ((DLP)), Incident Response, Continuity of Operations, Disaster Recovery, Security Operations Center ((SOC))).

• Experience with A&A documentation and system authorization artifacts.

• Knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST)).

• Experience using security hardening, collection, and assessment tools (e.g., SCAP, ACAS, WASSP, SECSCN, Nessus, etc.) is desired.

• Associate’s degree in computer science, Information Technology, Information Security, or related field (bachelor’s degree preferred).

• In-depth knowledge of Microsoft Windows OS (client and server); familiarity with Red Hat Enterprise Linux (RHEL) desired.

• Experience with Joint SAP implementation Guide (JSIG).

• Experience with security architectures, firewalls, and network access.

• Experience with risk managed downloads, IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management.

• Strong communication skills – written and verbal.

• Good analytical and planning skills.

• Ability to learn quickly and work under pressure in a fast-paced environment.

• Excellent organizational and time management skills.

• Must possess an active Top Secret security clearance. Duties will require unescorted entry and work within classified SAP and SCI facilities.

• Must have 12+ months experience in a SAP or SCI environment.

Please Note: U.S. Citizenship is required for this position, due to contract requirements.

ADDITIONAL NOTES

• Travel: Position requires up to 10% travel to CONUS areas

#LI-MS1

#MTSI

Permanent