Information System Security Officer

Overview

Intrepid, an SPA Company, sets the standard for delivering excellence in the federal marketplace and is known for treating employees like family. We provide our employees with a challenging and supportive work environment, paired with a competitive salary and an industry-leading 401k contribution. 

We are looking for an Information System Security Officer (ISSO) to join our team to support the U.S. Government and Industrial Base. Your role would be to provide Cybersecurity support as an Information Systems Security Officer (ISSO), ensuring the confidentiality, integrity, availability, authentication, and non-repudiation of information systems operating in a classified environment. The ISSO will be responsible for reviewing, implementing, updating, and documenting company-wide information, security policies and procedures, managing security audits and vulnerability and threat assessments, investigating and documenting network or system intrusions, and ensuring fulfillment of legal and contractual information security and privacy mandates, preventing, and detecting intrusion.

Responsibilities

• Conduct assessment of RMF controls, develop and track POAMs to completion, and ensure all requirements are met in eMASS in support of the RMF process.
• Execute and maintain the overall security posture of the systems and assist in the security assessment and authorization process for RMF requirements while meeting the programmatic needs of the customer.
• Provide support for the ISSM with local Defense Security Service (DSS) and Defense Counterintelligence and Security Agency (DCSA) information security personnel.
• Conduct vulnerability scans using ACAS and SCAP, push patches and updates, and mitigate vulnerabilities.
• Maintain awareness and knowledge of evolving security threats and risk management.
• Conduct continuous monitoring of the system security.
• Maintain required artifacts in support of RMF specific to each project.
• Analyzing system logs and identifying potential issues with computer systems.
• Applying operating system updates, patches, and configuration changes.
• Installing and configuring new hardware and software.
• Adding, removing, or updating user account information, resetting passwords.
• Security management.
• Documenting system configuration. Troubleshooting anomalies.
• Managing Network infrastructure.

Qualifications

Required Qualifications:

• Bachelor's degree in a STEM field
• The ability to work onsite, up to full time, depending upon client needs
• Experience configuring, administering, and maintaining computer systems (Such as Windows 10, Server 2012R2, Server 2016, Active Directory, RedHat Enterprise Linux)
• Experience in configuration and management of virtual machine environments such as VMware ESXi hypervisor, vCenter management, OpenShift, etc.
• Knowledge of and experience using cybersecurity auditing tools (Nessus, ACAS, SCAP/SCC, etc.)
• 5+ years experience with enhanced DoD security controls for government networks including the Assured Compliance Assessment Solution (ACAS), Host-Based Security System (HBSS), Security Technical Implementation Guides (STIG), and Secure Host baseline (SHB)
• Experience with DCSA. Experience conducting vulnerability audits, security configuration checks, and system configuration scans to meet cybersecurity requirements
• 5+ years demonstrated experience developing, editing, and auditing cybersecurity policies, plans, and procedures for submission and maintenance with the National Industrial Security Program (NISP) Enterprise Mission Assurance Support Service (eMASS), especially in a contractor facility
• Working Knowledge of Linux, Microsoft Windows, and IP networking
• Linux certification is a plus
• Familiarity with network security architecture and systems security engineering concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Familiarity with other security frameworks such as Cybersecurity Maturity Model Certification (CMMC) and National Institute of Standards and Technology (NIST) 800-series Special Publications
• An Active SECRET security clearance and the ability to maintain it throughout employment