Information Security Systems Officer (ISSO)

Sabre Systems is seeking an Information Security Systems Officer (ISSO) to lead a team that ensures cybersecurity policy compliance, endpoint security, and cyber security administration in support of PEO Aviation located in Huntsville, AL. The successful candidate will lead PEO Aviation’s ELAN Cyber Team to maintain and strengthen the security posture of PEO Aviation’s enterprise network.

Responsibilities:

• Ability to oversee and assign daily tasks to a team of cybersecurity professionals.
• Ability to manage projects that relate to cybersecurity.
• Assists in the development of application security policies.
• Establish procedures & processes to ensure tracking and mitigation of risks identified during the ATO process.
• Develop and update Interconnection Security Agreement documentation as needed.
• Develop and update System Security Plans (SSPs) and supporting documentation.
• Assisting with tailoring of security control baselines for general support system and other FISMA reportable systems, including cloud systems utilizing FedRamp controls.
• Collecting and validating control implementation statements from subject matter experts.
• Oversee development of security and privacy control implementation statements per NIST SP 800-53 and agency security policy standards.
• Assist with the migration to NIST SP 800-53 Rev 5, identifying gaps and providing understanding of new requirements to technical teams for implementation.
• Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
• Review and assess POA&M outputs, recommending additional work or closure.
• Support the continuous monitoring program as necessary when Information System Continuous Monitoring (ISCM) results will be used to support continuing authorization requirements or ongoing authorizations.
• Document and communicate control deficiencies for POA&M consideration.
• Assist in developing security policies, ensuring compliance, and updating documentation.
• Provide information for status reports, briefings, schedules, and project plans in written and oral form.
• Ensures domain level Group Policy configurations are in place and compliant with approved security posture.
• Compliance and Auditing processes and inspections for all applications; ensures validity and accuracy review of all associated documentation.
• Performs compliance reviews of applicable STIGs, performs risk assessments, and performs security test evaluations and audits.
• Analyzes security requirements for information protection for enterprise applications.

Qualifications:

• Ability to interpret and apply DOD and Army level cyber instructions and regulations
• Ability to apply cybersecurity theories and principles to a large complex IT system
• Excellent written and oral communication skills
• Understanding of the application of DISA STIGs
• Ability to manage people, schedules, tasks, and projects

Requirements:

• BA/BS with five (5) or more years of experience or AA with seven (7) or more years of experience
• IAT II Certification
• An Active DoD Secret Clearance is required
• Must be an US Citizen

Desired Skills:

• Experience with RMF
• Experience with eMass
• Experience with Windows and Linux operating systems
• Experience with Trellix, ESS, Elastic, ACAS, NESSUS, SCCM, PowerShell