Job Information
Systems Planning And Analysis, Inc. Information System Security Officer (ISSO) in Colorado Springs, Colorado
Information System Security Officer (ISSO) Job Locations
US-CO-Colorado Springs
ID 2024-18230
Category Cyber Security
Security Clearance Requirement Secret
Type Regular Full-Time
Level Mid-level Overview
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted. The Space and Intelligence Division provides engineering services and analytic support to the Air Force, Space Force, Combatant Commands, the Intelligence Community, and NASA. Our work includes systems engineering and integration, test planning and execution, cost estimating and analysis, developing approaches and concepts to meet emerging, high priority National Defense needs, and assessing and developing cutting-edge technologies and capabilities to meet those needs. SPA has a near-term need for a Information Systems Security Officer.
Responsibilities
Responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This position may require privileged access and DODM 8570.01M restrictions will apply. Reviewing and assessing information system security requirements and associated verification methods per Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST); Performing analysis of network security based upon the RMF, NIST, and DISA Security Technical Implementation Guides (STIGS); Assisting with the design, integration, and implementation of NIST/RMF Continuous Monitoring tools and processes; Performing security assessments of servers/network devices/security appliances; Writing and executing cybersecurity test procedures for validation of control compliance; Monitoring and analyzing outputs of cybersecurity-related tools for reportable security incidents and residual risks; Identifying and/or assessing information system vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats; Providing and implementing cybersecurity risk management recommendations; Providing consultation and technical support on DoD Information System Security; Providing security consideration to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences; Developing, implementing, and evaluating information system security program policy; Recommending cybersecurity software tools, assisting in the development of software tool requirements, and selection criteria; Reviewing and developing security-related designs and provide security compliance recommendations; Supporting Patch/Configuration Management, DevSecOps, and advanced technical support; Integrating/developing new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels. Has an in-depth understanding of the cybersecurity policies and procedures for government sector information systems and sufficient technical knowledge and experience to implement them. Provides hands on security and compliance guidance and work with Scrum Masters and product owners in concert with system requirement that are being developed and implementing cloud computing. This position may require privileged access and DODM 8570.01M restrictions will apply.
Qualifications
Required Qualifications: Bachelor's Degree in Cybersecurity, Information Technology, or a related technical discipline Minimum of 4 years of experience as an ISSE Certified in accordance with DoD Directive 8570.01-M for Information Assurance Technician Level II Experience with DoD cybersecurity policies, manuals, and standards Experience developing and maintaining RMF assessment and authorization documentation through the... For full info follow application link.