What are the responsibilities and job description for the Information Systems Security Officer (ISSM) position at Resonant Sciences, LLC?
INFORMATION SYSTEMS SECURITY OFFICER (ISSM)
Resonant Sciences is recruiting for a highly motivated and well-‐organized individual with prior experience administering US government security policies and procedures to serve as an Information Systems Security Manager (ISSM).
DUTIES AND RESPONSIBILITIES:
Certification & Accreditation of computer networks using government standards, and data contamination management, to include coordinating clean-‐up efforts and reporting requirements, as well as ensuring auditing requirements are completed.
This position is responsible for media control, virus scanning, hardware and software control, and computer security briefings. Must be a strong advocate for all disciplines within the security program, while at the same time ensuring the business needs are met. Candidate will handle the acquisition, installation, operations, maintenance, and usage of a multiuser computer networks in various classified environments. Installs and maintains workstation hardware, software, and peripheral components, and must have knowledge of operating systems including Windows, Windows Server. Interprets and adherence to various federal requirements including (but not limited to): JSIG, ICD 503, ICD 705, and NISPOM.
This position works closely with the Facility Security Officer and Customer Program Security Officer to ensure all systems security procedures are being followed. Requires the ability to make sound decisions, take independent action, analyze problems, and provide focused solutions with the ability to effectively communicate information to various audiences both verbally and through written communications. Will be required to interact with internal and external customers or Government security officials to perform security duties; address routine information security matters with employees regarding issues; report preparation, system security access briefings, and other duties as required.
Additional Duties Include:
- Prepare, update and maintain RMF documentation such as, but not limited to, Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Security Control Traceability Matrixes (SCTM) and Plan of Actions and Milestones (POA&Ms) for all networks and systems.
- Provide Configuration Management (CM) for IS security software, hardware, firmware and coordinating changes and modifications with the ISSM, SCA and Authorizing Official (AO).
- Identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies
- Continually evaluate the security posture of all networks and systems, including making recommendations for implementing new security controls as new threats and vulnerabilities are discovered.
- Work closely with Security Control Assessors (SCA) to determine effectiveness of current security controls and a path forward to implement future security controls, where potential weaknesses might exist.
- Establish, document, and monitor security programs while overseeing the implementation plans, and ensuring compliance with federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST)).
- Possess a working knowledge of cyber security policies and technical cyber security protection measures.
- Serve as the authorizing officer for all cyber security issues.
- Conduct periodic scans to verify networks and systems are appropriately baselined with tested and approved system and application patches, hotfixes and updates.
- Create, log, and control all customer requests and transactions for data transfers between systems (e.g. Compact Disks (CD) and other high-capacity media, scanning documents, etc.).
- Ensure the following activities are required and completed on a periodic basis (e.g. ensuring data is backed up, account management (deactivate unused accounts and validate user access rights).
- Evaluate all new software and hardware products for potential security flaws and risks.
- Periodically review and analyze audit logs for system deficiencies and anomalies using audit reduction tools.
- Perform other duties, as assigned.
QUALIFICATIONS:
- Security Plus Certification.
- Five years of experience in Information Technology (IT) in a classified environment.
BA/BS degree 2 years ISSM/ISSO experience, or 6-‐8 years equivalent ISSM/ISSO experience is required.
- Candidate must possess or have the ability to obtain DODI 8570-‐.01 compliant certification Experience with supporting various system configurations (Stand Alone, Peer to Peer Networks, Local Area Networks, and Wide Area Networks) and security hardening, test, and maintenance of systems.
- Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC).
CITIZENSHIP/SECURITY CLEARANCE:
- U.S. Citizenship required. Must have or be able to obtain and maintain a Secret security clearance. TS/SCI & SAP eligibility is required. Active TS/SCI clearance is desired.
WHAT’S IN IT FOR YOU?
- Become part of a high-tech work environment that is highly impactful, exciting, and collaborative.
- Flexible working environment that enables our employees to balance work and personal life.
- A comprehensive benefits package that includes medical, dental, vision and prescription benefits with extremely low employee cost share for you and your eligible dependents.
- A well-funded Health Spending Account with standard account fees paid by Resonant Sciences.
- 10 Federal Holidays (6 Standard, 4 Floating).
- A flexible Paid Time Off plan for employees.
- A generous retirement plan, subject to plan, IRS and ERISA rules.
WHO ARE WE?
Resonant Sciences is a research and development firm with locations all over the United States, focused on developing and transitioning innovative technologies and solutions to developmental and operational platforms. Our areas of expertise include radome and antenna design and fabrication, custom electronic solutions, and RF measurements of materials, antennas, radomes, and subsystems. Our extensive capabilities include design and analysis, production, and ground and flight testing.
A career at Resonant Sciences means that you will be involved in the complete development life cycle, seeing your design evolve from development prototype to incorporating mission requirements to technical specifications into a finished product for field testing.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
