Information Security Officer

Job Description

Job Description

JOB SUMMARY

Specialty Systems, Inc. has an opening for an Information Security Officer (ISO) with the below described skills and experience to join our team of technical professionals supporting our Department of Defense customer at the Joint Base MDL. In this position, you will have a high-profile role in the development and qualification of systems used for the support of unique Department of Defense systems. Ideal candidates will have a broad set of security engineering technical skills and must be able to work both individually and within a team environment. As a member of our team, you will be able to experience the professional satisfaction of playing a key role in ensuring that our Department of Defense customers’ systems that have a direct impact on our country’s warfighting and peace-keeping capabilities are performing at optimal levels.

The ISO provides cybersecurity and information assurance support for Navy systems, networks, and applications throughout the system lifecycle. The ISO assists with implementation, assessment, and continuous monitoring of cybersecurity controls in accordance with the DoD Risk Management Framework (RMF), NIST SP 800-53, DoD 8500/8510 series, and applicable Navy cybersecurity policies. Working closely with system engineers, system administrators, and program leadership, the ISO supports activities required to achieve and maintain Authority to Operate (ATO) of labs and programs, while ensuring compliance with cybersecurity requirements and protection of sensitive Navy information systems. The ISO contributes to system security documentation, vulnerability management, and cybersecurity compliance activities supporting operational Navy systems and development environments.

This position is located at our customer site at Joint Base MDL. In this position, you will work our customer’s Compressed Work Schedule which consists of working four 9hour days (M-Th) and an 8-hour day (F) for the first week of a cycle followed by four 9-hour days (M-Th) and being off on the second Friday for the second week of a cycle. This results in a 3-day weekend every other week!

RESPONSIBILITIES

• Cybersecurity Compliance & RMF Support.
  • Support implementation of the DoD Risk Management Framework (RMF) process for Navy information systems.
• Assist in development and maintenance of RMF documentation.
• Assist with system categorization, control selection, and implementation validation in accordance with NIST SP 800-53.
• Coordinate with Authorizing Officials (AO), ISSMs, ISSOs, and system owners to support ATO packages.
• Vulnerability Management & Continuous Monitoring.
  • Monitor cybersecurity vulnerabilities and assist with remediation planning.
• Track vulnerabilities and corrective actions through POA&M management.
• Assist with enforcement of DoD and Navy cybersecurity policies.
• Develop and update software requirements, design documents, and test procedures. Working closely with system administrators, developers, and network engineers to implement cybersecurity controls.
• Must maintain certifications required for position

QUALIFICATIONS :

• A BS/BA degree in Computer Science, Software Engineering, Electrical Engineering, or a related STEM field is preferred. Equivalent work experience is acceptable in lieu of a degree.
• Must have a Secret level or higher clearance or be able to obtain a Secret Clearance.
• Must have at least 3 or more years’ experience cybersecurity or information assurance experience supporting DoD or federal systems.
• Security+ CE or the ability to obtain certification within 3-6 months.
• Must achieve CWF status

Technical Requirements:

• Experience supporting DoD Risk Management Framework (RMF) activities.
• Knowledge of NIST SP 800-53 security controls and DoD cybersecurity policies.
• Experience with vulnerability scanning tools (ACAS/Nessus) and STIG implementation.
• Familiarity with cybersecurity documentation required for ATO packages.
• Experience supporting DevSecOps environments.
• Experience with both containerized and virtualized environments
• Understanding of continuous monitoring and cyber readiness reporting.
• Individuals should be self-starters able to work with little supervision to support cybersecurity compliance.
• Must be able to work collaboratively within a multi-disciplinary team.

Preferred Qualifications

• Experience supporting Navy or DoD programs.

Security Clearance Notice:

• Applicants selected must have a U.S. Government security clearance of secret level or higher and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required.

Specialty Systems, Inc. provides equal employment opportunity (EEO) to all employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability status, genetic information, marital status, ancestry, protected veteran status, or any other characteristic protected by applicable federal, state, and local laws and offers equal opportunity for VEVRAA Protected Veterans. Specialty Systems, Inc. will not discriminate against employees and job applicants who inquire about, discuss, or disclose compensation information.

Reasonable accommodation that do not cause an undue hardship on the company may be made to enable individuals with disabilities to perform essential functions, as long as that would not hinder or prevent performance of duties or be of a safety concern.

PHYSICAL DEMANDS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is required to reach with hands and arms. The employee is frequently required to sit, stand and walk. The employee may be required to move ten pounds and could occasionally lift or move up to twenty-five pounds.

Disclaimer: The listed duties are not intended to serve as a comprehensive list of all duties performed by all employees in this classification, only a representative summary of primary duties and responsibilities.