What are the responsibilities and job description for the Information System Security Officer position at SPECIAL AEROSPACE SECURITY SERVICES INC?
Position Title: Information Systems Security Officer (ISSO), Senior
Work Location:
- Onsite at Schriever Space Force Base, Colorado Springs, CO 80840
Clearance and Eligibility:
- Security Clearance: Active Top Secret/SCI clearance required.
- Additional Requirements: Candidate must be SAP-eligible. Clearance and eligibility must be maintained throughout employment.
Position Overview:
We are seeking a Senior Information Systems Security Officer (ISSO) to join our team supporting the U.S. Space Force under the newly awarded 5-year LAN Integration Program contract. As a Senior ISSO, you will ensure the appropriate operational security posture is maintained for U.S. Space Force information systems and work in close collaboration with the Information Systems Security Manager (ISSM) and Information System Owner (ISO). You will be responsible for compliance with security authorization packages, conducting security reviews, and ensuring system security standards are upheld.
Key Responsibilities:
- Security Posture Management:
- Ensure operational security posture is maintained for assigned information systems by working closely with the ISSM and ISO.
- Assist in developing physical or logical topologies for systems to ensure compliance with DoD policies and security guidelines.
- Authorization Package Management:
- Prepare, review, and update authorization packages in accordance with Risk Management Framework (RMF) and Joint Special Access Program (SAP) Implementation Guide (JSIG) standards.
- Coordinate changes or modifications to system hardware, software, or firmware with the ISSM and AO/DAO prior to any alterations.
- Security Audits and Reviews:
- Conduct periodic reviews and audits of information systems to ensure compliance with security authorization packages.
- Ensure that security-related documentation is current and accessible to authorized individuals and review audit records to identify and document any anomalies.
- Incident Response and System Recovery:
- Monitor system recovery processes to ensure that security features and procedures are properly restored after incidents.
- Participate in cybersecurity self-inspections and help identify vulnerabilities, ensuring the implementation of appropriate countermeasures.
- Documentation and Compliance:
- Maintain up-to-date documentation for system security and ensure all system assessment plans are reviewed regularly.
- Ensure audit records, security impact analyses, and configuration management changes are properly documented and aligned with authorization boundaries.
- Training and Continuous Monitoring:
- Attend required technical and security training related to assigned duties.
- Conduct continuous monitoring of authorization boundaries and assist with RMF efforts across DoD, National Agency, and Contractor organizations.
- Support for DoD and National Agencies:
- Perform ISSO duties in support of internal and external customers, including assisting with security impact analysis and authorization efforts.
- Travel up to 10 days annually to support program functions, all within CONUS.
Experience and Required Skills:
Experience:
- 5-7 years of experience in ISSO, Systems Administration, or Network Administration roles within high-security DoD environments.
- Strong working knowledge of DoD 8570, RMF, and JSIG standards.
- Experience managing system security in compliance with NIST SP 800 and DoDI 8500 series guidelines.
Technical Skills:
- Familiarity with network security principles, DoD policies for implementing and executing system/network administration.
- Extensive experience solving technical problems quickly, automating repetitive processes, and applying best practices to security operations.
- Experience working with compliance tools and maintaining audit records for system security.
Security and Compliance Expertise:
- Strong understanding of Risk Management Framework (RMF) and Joint Special Access Program (SAP) Implementation Guide (JSIG).
- Expertise in conducting security reviews, audits, and documentation of system configurations and security safeguards.
Soft Skills:
- Ability to work both independently and collaboratively in a team environment.
- Attention to detail, with a focus on accuracy and quality in maintaining security compliance.
Required Certifications:
- DoD 8570 IAT Level II certification required (e.g., Security CE, GSEC, CCNA-Security, CySA , SSCP).
- CISSP, CISM, or equivalent certifications required, meeting DoD 8570 IAM III or equivalent.
Travel Requirements:
- Up to 10% - 20% travel within CONUS. Occasional travel is expected to support program functions, with no trips exceeding 10 days.