Job Information
Amentum Information Systems Security Officer (ISSO) 2 – TS/SCI w/Poly in Columbia, Maryland
Your Impact:
We are seeking an Information Systems Security Officer (ISSO) 2 for a prime contract that is based out of our Columbia, MD office.
Responsibilities:
• Provide support for a program, organization, system, or enclave's information assurance program.
• Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assist with the management of security aspects of the information system and perform day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Perform vulnerability/risk assessment analysis to support security authorization.
• Provide configuration management (CM) for information systems security software, hardware, and firmware.
• Manage changes to system and assess the security impact of those changes.
• Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Support security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).
#DVS
#DIVERGENT
#DIVERGENTSOLUTIONS
Here’s What You’ll Need:
• Eight (8) years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required.
• Bachelor's degree in Computer Science, Cyber Security or IT Engineering is required.
• In lieu of a Bachelor's degree, four (4) additional years of work-related experience may be substituted for a total of twelve (12) years.
• Compliance with DoD 8570.01-M with a minimum certification of IAM Level I is required.
• Experience in at least two of the following areas is required: knowledge of current security tools, hardware/software security implementation; communication protocols; or encryption tools and techniques.
• Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
Must be able to:
• Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies
• Assist with preparation and maintenance of documentation
• Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
• Assist with Configuration Management (CM) for information system security software, hardware, and firmware
• Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades
• Propose, coordinate, and implement information systems security policies, standards, and methodologies
• Develop and maintain documentation for Security Authorization in accordance with ODNI and DoD policies
• Provide CM for security-relevant information system software, hardware, and firmware
• Ensure compliance with system security policy
• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Maintain operational security posture for an information system or program
• Provide support to the information System Security Manager (ISSM) for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclave
• Develop and update the system security plan and other Cybersecurity documentation
• Assist with the management of security aspects of the information system and perform day-to day security operations of the system
• Track and ensure appropriate user identification and authentication mechanism of the information System (IS)
• Obtain system authorization for ISs under their purview
• Provide support for a program, organization, system, or enclave's information assurance program
• Plan and coordinate implementation of IT security programs and policies
• Manage and control changes to the system assessing the security impact of those changes
• Provide daily oversight and direction to contractor ISSOs
• Interact with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectives