What are the responsibilities and job description for the Information Systems Security Officer Trellix position at Quantum Research International Inc?
Information Systems Security Officer Trellix
Overview:
Quantum Research International, Inc. (Quantum) provides our national defense and federal civilian and industry customers with services and products in the following main areas: 1) Cybersecurity and Information Operations; 2) Space Operations and Control; 3) Aviation Systems; 4) Ground, Air and Missile Defense, and Fires Support Systems; 5) Intelligence Programs Support; 6) Experimentation and Test; 7) Program Management; and (8) Audio/Visual Technology Applications. Quantum's Corporate Office is located in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Arlington, VA, Aberdeen, MD, Colorado Springs, CO; Shalimar, FL; and Tupelo, MS.
Mission:
Force Tracking Mission Management Center (FT MMC) Information Systems Security Officer (ISSO) will advise on government security procedures and policies, ensuring compliance and quality control across multiple architectures and government systems.
Responsibilities:
- Provide support to system accreditation implementing the Risk Management Framework (RMF) across multiple classification domains and update status in the Enterprise Mission Assurance Support Service (eMASS) system.
- Manage and maintain artifacts, resources, and security controls for systems accreditation within Enterprise Mission Assurance Support Service (eMASS)
- Ability to create, manage, and complete Plan of Actions & Milestones (POA&M’s) to accurate overview of the information systems security posture.
- Create and maintain cybersecurity policies, procedures, and various other necessary documentation to comply with federal laws, executive orders, directives, regulations, policies, standards, and guidelines.
- Review, maintain and report compliancy of Cyber Tasking Orders (CTO’s), Fragmented Orders (FRAGO’s), and Operational Orders (OPORD’s), with appropriate governing entities.
- Create monthly current cybersecurity metrics and report to appropriate stakeholders as required by the organization.
- Collaborate with network administrators to develop and maintain DISA compliant Ports Protocols Services Management (PPSM) data for all systems assigned.
- Analyze and define information security requirements for current and future internal and external data connections and maintain documentation for those connections in a central repository.
- Fundamental understanding of the latest DoD cybersecurity tools operations and management (Tenable Assured Compliance Assessment Solution (ACAS), Trellix Endpoint Security (ENS), Security Information and Event Management (SIEM), etc.)
- Perform security monitoring and routine audits utilizing various SIEM products.
- Perform Cross Domain Solution (CDS) audits/administration to maintain and verify security classification compliance for data transfers.
- Utilize the configuration management program to assess the impact of proposed changes, address approved hardware/software meet the defined security controls.
- Analyze and remediate information system security risks, threat vectors and vulnerabilities to prevent security incidents in accordance with vulnerability management and incident response procedures.
- Coordinate with internal and external entities to conduct vulnerability assessments, simulate cybersecurity preparedness exercises, and draft reports to stakeholders.
- Understanding of cryptography and how it pertains to the Confidentiality-Integrity-Availability (C-I-A) triad.
- Perform and document Account Access Authorization and Control for all information systems assigned
- Work as an integrated team member in a highly dynamic, operationally sensitive environment providing security of mission critical data to the war fighter.
Required Skills and Qualifications:
- Certifications: CompTIA Security
- Minimum of five years of progressively complex experience in the Information Systems Security / Cybersecurity domain.
- Experience with EMASS, Trellix (previously McAffee), ePolicy Orchestrator, Assured Compliance Assessment Solution (ACAS), and Security Content Automation Program (SCAP)/Security Technical Impementation Guide (STIG)
- TS/SCI Clearance required.
- Deep understanding of NIST SP 800-37 (RMF Process) and NIST SP 800-53 (Security Controls).
- Experience with DoD RMF processes and CNSSI 1253.
- Knowledge of FISMA, FedRAMP, and other regulatory requirements.
- Familiarity with Enterprise Mission Assurance Support Service (eMASS) for system authorization.
- Ability to manage Plan of Actions and Milestones (POA&M) to address security vulnerabilities.
Desired Skills and Qualifications:
- Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field (or equivalent experience).
- Certifications: CISSP, CISM, CASP, C|EH, CHFI
Certification in any of the following is desirable:
This position requires an active DoD Top Secret, Sensitive Compartmented Information (TS-SCI) security clearance. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. Citizenship is required.
Quantum Research International is an Equal Opportunity Employer / Affirmative Action Employer M/F/D/V:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
#LI-MM1
#LI-ONSITE
