Information Systems Security Officer (ISSO)

Background Information: Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking an Information System Security Officer (ISSO) to support its San Diego, CA office. Overview:An Information System Security Officer (ISSO) is a key member of the security team that supports the Assessment and Authorization (A&A) process for information systems under the jurisdiction of the Defense Counterintelligence and Security Agency (DCSA). The ISSO is responsible for ensuring that the information system complies with the security requirements and controls specified in the DCSA Defense Assessment and Authorization Process Manual (DAAPM) and other applicable policies and regulations. All applicants must currently possess an active U.S. Security Clearance.  Responsibilities Include:

• Familiarity with the Defense Counterintelligence Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM) roles and responsibilities for the ISSO, as outlined in Section 3.7
• Coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure the highest level of cybersecurity compliance for classified information systems
• Maintain the Information Systems (IS) security program and policies for assigned areas of responsibility IAW the DCSA DAAPM, assigned NIST 800-53 controls, and other guidance as assigned by the ISSM.
• Review and analyze all audit data at least weekly to ensure user activity adheres to operational security policy and procedures
• Review of network device System Log (syslog) information to correlate to system level activity across multiple information systems.
• Support ISSM oversight of operational IS security implementation policy and Risk Management Framework (RMF) guidelines to the system administrators
• Support ISSM in the development and documentation of the Plan of Action and Milestones (POA&M) and produce actions to mitigate identified risks
• Perform Continuous Monitoring (ConMon) tasks as assigned by the ISSM and documented within the System Security Plan
• Perform comprehensive investigations of security incidents and ensure proper measures are taken post discovery of the incident/event
• Administration of STIG compliance as it relates to Operating Systems and applications
• Facilitate and track all Information System Account requests and expirations for Internal Users and Visitor accounts
• Responsible for the preparation and demonstration of compliant classified IS’s in advance of a DCSA assessments
• Identity and Authorization Management, including user, group, and role on both Windows and Linux systems.
• Actively participate in the development and implementation of an effective IS security education, training, and awareness program
• Ability to travel up to approximately 10%
• Other duties as assigned

Minimum Required Qualifications:

• A bachelor’s degree in Engineering, Computer Science, Information Technology, or equivalent
• 5 or more years of relevant experience, preferably in a security position
• DoD Directive 8140.03 (previously DoD 8570): candidate must meet the requirements of an IAT Level II as a condition of employment.

Required Skills:

• RMF Continuous Monitoring Tooling and Systems (ACAS/Tenable, STIGViewer, SCAP Compliance Checker, etc.) 
• SIEM tools (Wazuh, Splunk, SolarWinds Security Event Manager)
• Cybersecurity tools (Tenable Security Center, Trellix ePO, Tanium, WSUS, RedHat Satellite)
• System Administrator experience with Windows Server/Workstation OS, Linux (Red Hat Enterprise Linux), VMWare VSphere VCenter, ESXi.
• Ability to manage users on both Windows and Linux environments, role-based access control (RBAC), security policies (GPO’s, SELinux, etc.), domain management (Active Directory, DNS, File Server, etc.), STIG/hardening actions, Troubleshooting (Event Viewer, top, netstat, systemctl, etc.)
• eMASS experience 
• National Industrial Security Program Operating Manual (NISPOM), The 32 Code of Federal Regulations Part 117 and Defense Counterintelligence and Security Agency Assessment and Authorization Process Manual (DAAPM) requirements 

Preferred Skills:

• Scripting and Automation with Shell (Powershell, Bash), Ansible Playbooks
• Writing Policy and Procedure documentation
• Experience in working on classified systems in a DCSA accredited environment 
• DCSA Authorization and Assessment Experience
• NIST 800-53 Security Control Experience
• Experience with tactical systems, virtualization

Competencies:

• Excellent verbal and written communication skills
• Attention to detail with high level of accuracy and confidentiality
• Initiative, reliability, teamwork and customer service orientation 

Pay Range*: $102,600 - $179,550 or $132,300 - $231,000  *Pursuant to California Senate Bill 1162 , IDT is required to disclose the “pay scale” or “pay range” associated with a job posting. Notably, however, this amount may not be reflective of actual compensation that may be earned as pay is dependent on a candidate’s experience, skills, and education. The posted range does not include bonuses, commissions, tips, or other benefits. Click here  for additional information about Senate Bill 1162. IDT is often looking to place multiple candidates at various levels. Therefore, more than one pay range has been included, commensurate with experience.  EEO Statement:IDT is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other basis protected by federal, state, or local law.