KDAM Information System Security Officer

Description

The Information Systems Security Officer (ISSO) is responsible for ensuring compliance with Air Force, DoD cybersecurity instructions, National Industrial Security Program Operating Manual (NISPOM), Risk Management Framework (RMF), corporate directives, and other government security requirements. The ISSO will develop, implement, and maintain security plans, vulnerability management strategies, and various security-related documents. Additionally, the role involves conducting system audits, self-inspections, and investigating security incidents. The ISSO will provide security training to system users and administrators and apply cybersecurity principles across classified computing systems and networks.

Essential Functions of the Position:

• Develop and maintain System Security Plans, vulnerability management plans, architecture analysis, and other artifacts for government customers.
• Conduct weekly system audits, periodic self-inspections, and investigate computer security incidents.
• Provide security training for personnel, system users, and administrators.
• Apply information technology security principles, including the configuration of security settings for Servers/Clients, LINUX, PC Desktops, LAN management, secure network links, and supported applications.
• Perform vulnerability scanning using tools such as ACAS, SCAP, or Tenable Nessus and prepare risk assessments and mitigation plans.
• Assist with hardware assembly, software installation, and network device configuration and verification.
• Participate in the design, development, and analysis of classified computing systems and networks in various operating modes.
• Support visitor control, physical security, and communications security efforts as needed.
• Other duties as assigned. 

Requirements

• Bachelor’s degree in Computer/Network Engineering, Computer Science, or Management Information Systems (or equivalent experience).
• Must hold a current IAM certification per DoD Directive 8570.01M, such as CompTIA Security+ CE, CISSP, GSLC, CAP, or CISM.
• Certification within 6 months of employment required if not already certified.
• Experience with vulnerability scanning tools such as ACAS, SCAP, Tenable Nessus, or similar.
• Working knowledge of Air Force and DoD cybersecurity instructions, RMF, NIST 800-53, and other relevant standards.
• Experience with Windows and Red Hat servers, infrastructure, and network administration.
• Familiarity with the Certification and Accreditation/Authorization process and systems security plan development.
• Selected candidate must be able to obtain a minimum of an active SECRET clearance and will be subject to a government security investigation and must meet eligibility requirements, including US Citizenship, for access to classified information and Communications Security (COMSEC) material.