Tuesday, July 5, 2022

Latest Posts

Information Systems Security Officer (ISSO)

  • Title:

Information Systems Security Officer (ISSO)

KBR has an opening for a Information Systems Security Officer to join our team of qualified, diverse onsite at our Lexington Park, MD location. This position requires on site presence. Remote or Tele-Work is not available.

Role and Responsibilities:

  • Serve as an Information Systems Security Officer (ISSO) for Government information systems in support of a NAVAIR Program Management Office. Candidate will perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Candidate will achieve this through passive evaluations (compliance audits) and active evaluations (vulnerability assessments). 
    • Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits.
    • Assists in the implementation of the required government policy (i.e., RMF, NISPOM, JSIG) and makes recommendations on process tailoring. 
    • Performs extensive analyses to validate established security requirements and to recommend additional security requirements and safeguards.
    • Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of test results, and preparation of required reports. 
    • Periodically conducts of a review of each system’s audits and monitors corrective actions until all actions are closed.

Required Qualifications:

  • Bachelor’s degree in computer and architecture information systems management or related field from an accredited college or university or equivalent experience is required.
    • Ten years of experience with mid-sized client/server systems in systems analysis, software design, software development, and system administration are required.
    • Experience with DOD 8500.01, Risk Management Framework (RMF) requirements as well as experience in drafting, submitting, and maintaining RMF packages is required.
    • Knowledge of quality assurance, quality control, and independent verification and validation techniques is required.
    • Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies is required.
    • Experience with managing secure Information Systems (IS) and databases while implementing and maintaining cross-domain solutions is required.
    • A current Information Assurance Manager (IAM) Level I certification in accordance with DoD 8570.01-M, or the ability to gain the IAM Level I certification within six months is required.
    • Applicant selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. A current Secret clearance with a Background Investigation completed within the last 6 years is required.

Preferred Qualifications:

  • Experience with DoD M5205.07 Series, Risk Management Framework (RMF) in accordance with NIST SP 800-53, Joint Special Access Program Implementation Guide (JSIG).
    • Knowledge in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
    • Experience in drafting, maintaining, and planning System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts.
    • Experience in developing Plan of Action and Milestones (POA&M) documentation for identified vulnerabilities and ensure compliance through monthly / quarterly updates.
    • Understanding of maintenance and inventory process for information Security Systems.
    • Experience in developing a variety of Assessment & Authorization deliverables, including System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan (CP) and Plan of Action and Milestones (POA&M) for review and approval for Authorization Official.
    • Knowledge in monitoring and conducting Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP, NIST SP 800-53, JSIG.
    • Experience in communicating technical Information to non-technical personnel.
    • Experience in coordinating with Leadership across the organization to ensure timely compliance.
    • Experience in developing waivers and exceptions for information system vulnerabilities.
    • Knowledge of quality assurance, quality control, and independent verification and validation techniques.
    • Experience working independently and as part of a team in researching data, developing analytical techniques and methodologies.

Please Click the link for application:https://kbr.wd5.myworkdayjobs.com/en-US/KBR_Careers/job/Patuxent-River-Maryland/Information-Systems-Security-Officer–ISSO-_R2043421

" " " "

Latest Posts

Don't Miss

Stay in touch

To be updated with all the latest news, offers and special announcements.