Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking an Information System Security Officer (ISSO)to support its San Diego, CA office.
Overview:
An Information System Security Officer (ISSO) is a key member of the security team that supports the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Defense Assessment and Authorization Process Manual (DAAPM) and other applicable policies and regulations.
All applicants must currently possess an active U.S. Security Clearance .
Responsibilities Include:
Familiarity with the Defense Counterintelligence Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) roles and responsibilities for the ISSO, as outlined in Section 3.7
Coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for classified information systems
Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility IAW the DCSA DAAPM, assigned NIST 800-53 controls, and other guidance as assigned by the ISSM.
Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures
Review of network device System Log (syslog) information to correlate to system level activity across multiple information systems.
Support ISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators
Support ISSM in the development and documentation of the Plan of Action and Milestones (POA&M) and produce actions to mitigate identified risks
Perform Continuous Monitoring (ConMon) tasks as assigned by the ISSM and documented within the System Security Plan
Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
Administration of STIG compliance as it relates to Operating Systems and applications
Facilitate and track all Information System Account requests and expirations for Internal Users and Visitor accounts
Responsible for the preparation and demonstration of compliant classified IS's in advance of a DCSA assessments
Identity and Authorization Management, including user, group, and role on both Windows and Linux systems.
Actively participate in the development and implementation of an effective IS security education, training, and awareness program
Ability to travel up to approximately 10%
Other duties as assigned
Minimum Required Qualifications:
A bachelor's degree in Engineering, Computer Science, Information Technology, or equivalent
5 or more years of relevant experience, preferably in a security position
DoD Directive 8140.03 (previously DoD 8570): candidate must meet the requirements of an IAT Level II as a condition of employment.
Required Skills:
RMF Continuous Monitoring Tooling and Systems (ACAS/Tenable, STIGViewer, SCAP Compliance Checker, etc.)
System Administrator experience with Windows Server/Workstation OS, Linux (Red Hat Enterprise Linux), VMWare VSphere VCenter, ESXi.
Ability to manage users on both Windows and Linux environments, role-based access control (RBAC), security policies (GPO's, SELinux, etc.), domain management (Active Directory, DNS, File Server, etc.), STIG/hardening actions, Troubleshooting (Event Viewer, top, netstat, systemctl, etc.)
eMASS experience
National Industrial Security Program Operating Manual (NISPOM), The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements
Preferred Skills:
Scripting and Automation with Shell (Powershell, Bash), Ansible Playbooks
Writing Policy and Procedure documentation
Experience in working on classified systems in a DCSA accredited environment
DCSA Authorization and Assessment Experience
NIST 800-53 Security Control Experience
Experience with tactical systems, virtualization
Competencies:
Excellent verbal and written communication skills
Attention to detail with high level of accuracy and confidentiality
Initiative, reliability, teamwork and customer service orientation
Pay Range* : $102,600 - $179,550 or $132,300 - $231,000
*Pursuant to California Senate Bill 1162 , IDT is required to disclose the "pay scale" or "pay range" associated with a job posting. Notably, however, this amount may not be reflective of actual compensation that may be earned as pay is dependent on a candidate's experience, skills, and education. The posted range does not include bonuses, commissions, tips, or other benefits. Click here for additional information about Senate Bill 1162. IDT is often looking to place multiple candidates at various levels. Therefore, more than one pay range has been included, commensurate with experience.
EEO Statement:
IDT is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other basis protected by federal, state, or local law.
