Information Systems Security Officer (ISSO)

Position Summary

MAG is currently looking for an Information Systems Security Officer (ISSO) to provide a variety of services leveraging the Risk Management Framework (RMF) accreditation. Services are associated with validation, approval, and sustainment of cybersecurity accreditation packages. Performs and analyze a range of Information Security Systems Officer (ISSO) activities and assist with the development and implementation of security policies.

Essential Duties and Responsibilities

Duties include, but are not limited to: 

 

• Gather and translate customer requirements, interact with stakeholders from many areas, and lead efforts to ensure customer products and recommendations will meet customer information security policies in an ever-changing technical environment.
• Test and monitor the security control using the appropriate methods and procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome. 
• Monitor the security of the IS on a continuous basis including assessing control effectiveness, documenting changes to the system, conducting security impact analyses of the associated changes, and reporting the security status of the system to appropriate organizational officials on a regular basis. 
• Review, prepare and update RMF authorization packages 
• Conduct assessments of information security controls to measure the effectiveness of controls and identify any gaps 
• Manage remediation efforts and report on the status of control deficiencies 
• Provide security expertise to business units and key stakeholders
• Provide timely status updates/reporting on assessments and assigned projects. 
• Process and approve admin account requests, and ETPs, SAARs, and other access requests.

Requirements

Minimum Requirements

 

The required skills and knowledge include:

 

• US Citizenship and Possess an Active TS/SCI Clearance 
• In compliance with DoD Cyber Workforce 8570.01  
• Experience in Information Assurance / Cybersecurity, including development, integration, and implementation of cybersecurity and program protection standards for networking, computers, and custom applications. 
• Thorough knowledge of the Department of Defense 8510.01 Risk Management Framework (RMF) for DoD Information Technology, DoD Instruction 8500.1 Cybersecurity, DoD Directive 8140.01, Cyberspace Workforce Management, NIST 800 Special Publications, Federal Information Processing Standards (FIPS), and knowledge of current authorization practices, particularly within the DoD. 
• Account & report the security configuration baselines for Windows and Linux platforms, networking equipment, cloud technologies, and custom applications (i.e., Minimum Benchmarks: CIS, STIGS). 
• Provide subject matter expertise, advice and assistance in the planning, implementation, and accreditation of technology and solutions. 
• Must meet position and certification requirements outlined in DoD Directive 8570.01 M for Information Assurance Management Level 2 (IAM Level II).    

Experience

• The minimum years of related experience required: 5 years  

Education 

• The minimum level of education required is: BS in Computer Science or Information Technology (or equivalent experience): 

Desired Requirements 

  

The desired skills, knowledge, and education include:

 

• Familiar with DIA assessments and accreditation documentation within the XACTA management platform. 
• Familiar with eMASS - ENTERPRISE MISSION ASSURANCE SUPPORT SERVICES platform.
• Conduct audits to identify how well controls are delivered/supported and potential opportunites for improvement with stakeholders.
• Provide reports, briefs, and POAM creation for findings.
• Ability to read, review, and consolidate ACAS scans, DISA STIGS, and Information Assurance Vulnerability Management (IAVM) results. 
• Excellent interpersonal skills, including the ability to work on multi-functional teams 
• Display detailed knowledge and understanding of multiple technology infrastructures. 
• Ability to serve as a principal advisor on all matters, technical and otherwise, involving the security of an IS.  
• Exhibit individual initiative to influence events and achieve goals. Be proactive and a self-starter, going beyond specific job responsibilities to ensure goals and achieved or exceeded. 
• Travel as necessary for customer projects, technology expositions, and corporate meetings.  

Other Qualifications   

• Outside of the above, other certifications, licenses, or clearances include: None 
• Physical requirements for the job include the ability to work in an office and lab environment. 

Company Policy

MAG Aerospace (MAG) is an Equal Opportunity/Affirmative Action Employer and is committed to Diversity and Inclusion. We encourage diverse candidates to apply to our positions.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.Click below for the “Know Your Rights" and “Pay Transparency Nondiscrimination” supplement posters.https://www.dol.gov/agencies/ofccp/posters MAG Aerospace (MAG) is committed to providing an online application process that is accessible to all, including individuals with a disability, by offering an alternative way to apply for job openings. This alternative method is available for those who cannot otherwise complete the online application due to a disability or need for accommodation.MAG provides reasonable accommodation to applicants under the guidance of the Americans with Disabilities Act (ADA), Section 503 of the Rehabilitation Act of 1973, the Vietnam-Era Veterans’ Readjustment Assistance Act of 1974, and certain state and/or local laws.If you need assistance due to a disability, please contact the MAG Aerospace Recruiting email:Applicant.Assist@mag.us or call (703) 376-8993.