Information System Security Officer (ISSO)
Innovative Defense Technologies

Description

Background Information:

Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking an Information System Security Officer (ISSO) to be based in our Mt. Laurel, NJ office.

Overview:

The Information System Security Officer (ISSO) will be a key member of the security team to support the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Defense Assessment and Authorization Process Manual (DAAPM) and other applicable policies and regulations.

All applicants must currently possess an active U.S. Security Clearance.

Responsibilities Include:

• Coordinate with the Information System Security Managers (ISSM/AISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for classified information systems
• Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility
• Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures
• Support ISSM/AISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators for each enclave
• Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures
• Conduct assessments and periodic testing of information systems security requirements, evaluate current security posture and recommend priorities for remediation; provide corrective action responses as they pertain to self-inspections
• Support ISSM/AISSM in the development and documentation of the Plan of Action and Milestones (POA&M) for each Classified IS enclave and produce actions to mitigate identified risks
• Perform tasks related to the Continuous Monitoring (ConMon) plans that include auditing, software and hardware configuration management updates, and vulnerability assessments
• Ensure all systems are operated and maintained in accordance with documented security policies and procedures
• Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
• Support the System Administrators (SAs) and ISSM/AISSM on reviews of quarterly STIG compliance as it relates to Operating Systems and applications
• Assist SAs with implementation of user additions, deletions, and changes on the classified IS when required or SAs are unavailable
• Support the preparation and demonstration of compliant classified IS's in advance of a DCSA assessments
• Ability to travel up to approximately 10%
• Other duties as assigned

Minimum Required Qualifications:

• Bachelor's degree in Engineering, Computer Science, Information Technology, or relevant field
• 3+ years of relevant experience, preferably in a security position
• DoD Directive 8140.03 (previously DoD 8570): candidate must meet the requirements of an IAT Level II certification as a condition of employment.

Required Skills:

• eMass experience
• SIEM tools (Wazuh, Splunk, SolarWinds Security Event Manager)
• Cybersecurity tools (Tenable Security Center, Trellix ePO, Tanium, WSUS, RedHat Satellite)
• Linux (Red Hat), Windows Server/Workstation OSs
• Familiar with National Industrial Security Program Operating Manual (NISPOM), The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements

Preferred Skills:

• Experience writing policy and procedure documentation
• Experience in working on classified systems in a DCSA accredited environment
• DCSA Authorization and Assessment Experience
• NIST 800-53 Security Control Experience
• ESXi OS
• Experience with tactical systems, virtualization

Competencies:

• Excellent verbal and written communication skills
• Attention to detail with high level of accuracy and confidentiality
• Initiative, reliability, teamwork and customer service orientation

EEO Statement:

Applicants, employees, and former employees are protected from employment discrimination based onrace,color,religion,sex, pregnancy,sexual orientation,gender identity,national origin,age,disability, veteran status,genetic information, or any other basis protected by federal, state, or local law.

---