Information System Security Officer (ISSO)

Astrion

Eglin Air Force Base, Florida

JOB DETAILS
SKILLS
Analysis Skills, Auditing, Business Processes, CompTIA - Computing Technology Industry Association, CompTIA Security+, Computer Security, DIACAP - DoD Information Assurance Certification and Accreditation Process, Documentation, Emerging Technology, FISMA - Federal Information Security Management Act, Government Regulations, Hardware Architecture, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Leadership, Local Area Network (LAN), Nessus, Network Administration/Management, Operating Systems, Presentation/Verbal Skills, Process Improvement, Process Quality, Regulations, Requirements Management, Risk Analysis, Risk Management Framework (RMF), SAP, Secret Clearance, Security Analysis, Security Attacks, Security Auditing, Security Compliance, Security Design, Security Monitoring, Software Development, Software Development Lifecycle (SDLC), System Architecture, Systems Administration/Management, Systems Analysis, Systems Maintenance, Technical Support, Technology Analysis, Test Equipment, Training/Teaching, U.S. National Institute of Standards and Technology (NIST), United States Citizen, United States Department of Defense (DoD), Vulnerability Scanners, Wide Area Network (WAN), Writing Skills
LOCATION
Eglin Air Force Base, Florida
POSTED
13 days ago
Overview:

INFORMATION SYSTEM SECURITY OFFICER (ISSO)

LOCATION: Eglin AFB, FL

JOB STATUS: Full-time
CLEARANCE: Secret, with ability to obtain Top Secret

CERTIFICATION:CompTIA Security+

TRAVEL: 0-10%

 

 

Astrion has an exciting opportunity for an INFORMATION SYSTEM SECURITY OFFICER (ISSO) supporting the 96th Test Wing located at EGLIN AFB, FL.

 

 

REQUIRED QUALIFICATIONS / SKILLS

  • Active SECRET clearance. Must be eligible for a TOP SECRET clearance. Must be a U.S. citizen.
  • Requires 3 to 10 years of relevant experience
  • Bachelor’s or Master’s degree in the applicable discipline.
    • 6 years work experience may be substituted for a Bachelor's Degree; OR Associate’s degree plus 4 years work experience may be substituted for a Bachelor's Degree; OR Bachelor's Degree plus 8 years work experience may be substituted for a Master's Degree; OR 12 years work experience may be substituted for a Master's Degree.
  • This skill level typically works on high-visibility or mission critical aspects of a given program and performs all functional duties independently.
  • CompTIA Security+ certification is required.  Other certification may be required based on constantly changing requirements.

 

PREFERRED QUALIFICATIONS / SKILLS  

  • Technical audits and enforcement of information systems security procedures.
  • Experience working with government regulations, such as NISPOM, JAFAN, JSIG, DIACAP and Risk Management Framework.
  • Experience supporting various system configurations (Stand Alone, Local Area Networks, and Wide Area Networks).
  • Self-motivated and possess good written, verbal, listening and presentation skills.
  • Previous experience working in a classified information systems environment.
  • Familiarity with test equipment and sanitization procedures.

 

RESPONSIBILITIES

  • The primary purpose of this position is to serve as an Information Systems Security Officer (ISSO) overseeing the cybersecurity posture and compliance of critical mission systems. Responsible for executing the Risk Management Framework (RMF) lifecycle, adhering to the DoD Joint SAP Implementation Guide (JSIG), and securing Authorities to Operate (ATOs) for Information Systems (IS).
  • Responsibilities include developing, updating, and maintaining System Security Plans (SSPs), managing Plans of Action and Milestones (POA&Ms), and conducting continuous monitoring of classified and unclassified networks.
  • Ensures systems comply with information security policies, Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST) controls, and applicable DoW/DoD regulations.
  • Integrates security by design, advising software developers, system administrators, and project leaders on secure architecture, hardware/software compatibility, and vulnerability mitigation. The incumbent designs and reviews security audit routines, analyzes complex security incidents, and performs risk assessments on new technologies and system modifications. Works to achieve quality improvement in security processes and takes a proactive approach to customer assistance. Maintains an up-to-date awareness of emerging cyber threats and technologies to predict future security requirements.
  • Knowledge of Information Assurance (IA) and Cybersecurity principles, concepts, and methods sufficient to evaluate new and emerging IT security technologies and ensure their successful integration into the existing and anticipated infrastructure.
  • Knowledge of the Risk Management Framework (RMF), DoD JSIG, NIST SP 800-53 security controls, and FISMA requirements to guide systems through the assessment and authorization (A&A) process and maintain continuous ATO status.
  • Knowledge of IT systems architecture, operating systems, and network infrastructure to isolate vulnerabilities, interpret vulnerability scanner results (e.g., ACAS/Nessus, STIGs), and recommend technical mitigations that support organizational business processes without compromising security.
  • Knowledge of system development life cycles (SDLC) and DevSecOps to ensure security controls are integrated early in the design phase and to evaluate the security impact of proposed modifications or new applications.
  • Ability to gather facts and use analytical methods to assess complex cybersecurity requirements, develop and manage System Security Plans (SSPs) and POA&Ms, and solve intricate security and compliance problems.
  • Ability to maintain an up-to-date awareness of technological advances and cyber threat intelligence to predict how management can securely meet future operational requirements.
  • Ability to communicate orally and in writing to brief senior leadership on cyber risks, draft comprehensive security documentation, and provide training to functional users.
  • Ability to modify and adapt precedent security solutions to unique, specialized, or Special Access Program (SAP) requirements.
  • Skill in applying agency cybersecurity policies, incident response procedures, and audit management standards.

 

#CJ

#FloridaJobs
#LI-LP1

“TMAS2_96TW”

About the Company

A

Astrion

We are the transformative evolution of two prominent government services firms, ERC and Oasis Systems, each bringing with them a rich legacy of dedicated service to our nation’s Defense and Federal communities.

The company brings together 2,800 employees focused on Cybersecurity, Digital Solutions, Mission Support, and Systems Engineering serving customers in more than 36 states across the U.S. with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA.

Our resources, deep expertise, and adaptable solutions will enable us to scale and expand development and engineering capabilities for Defense and Federal communities.

COMPANY SIZE
2,500 to 4,999 employees
INDUSTRY
Other/Not Classified
WEBSITE
https://astrion.us/about-us/