Information Systems Security Officer (ISSO) *REMOTE*

Title:

Information Systems Security Officer (ISSO) *REMOTE*

Belong, Connect, Grow, with KBR!

Program Summary:

KBR Government Solutions U.S. advances the priorities of the U.S. government and related commercial entities.  We deliver expertise and differentiated, technology-driven solutions in the fields of scientific research, systems engineering, data analytics and mission operations, and we offer a range of high-end services from a portfolio that spans defense modernization; military, civil and commercial space; intelligence; cyber; advanced logistics; and base operations.

Job Summary:

The successful candidate will provide support to the Test Resource Management Center’s (TRMC) All Domain Test Range (ADTR) and INDOPACOM Pacific-Rim Multi-Domain Training and Experimentation Capability Team, Joint Mission Environment Test Capability (JMETC) Secret Network (JSN) Node, JMETC Multiple Independent Levels of Security Network (JMN) Node, Secret Defense Research and Engineering Network (SDREN), Defense Research and Engineering Network (DREN).

In this role, you will be a critical part of our team responsible for evaluating customer requirements pertaining to complex technical challenges.   The successful candidate will assist with providing solutions to complex problems in a manner which meets both functional and security requirements. You will be responsible for keeping the team’s sting environment operational and in compliance with all TRMC directives and applicable RMF requirements. To do this you will frequently collaborate with other distributed team members to discuss current system status and plan desired future enhancements.  

The ideal candidate will have a blended skill set with a strong background in both systems administration and cybersecurity. This individual will possess experience in Windows and Linux server management, Active Directory, Security Technical Implementation Guides (STIGs), and virtualization technologies. This role is critical in ensuring the integrity, confidentiality, and availability of our information systems within a Department of Defense (DoD) environment.

Roles and Responsibilities:

Security Management

• Develop, implement, and maintain security policies, procedures, and standards to safeguard organizational information systems.
• Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate potential threats.
• Monitor security alerts and logs to respond to incidents in a timely manner, ensuring compliance with DoD regulations.
• Manage Privileged Access Management (PAM) solutions to ensure secure access control for sensitive systems and data.
• Filter and generate reports from Security Information and Event Management (SIEM) tools to provide insights into security incidents and trends.
• Respond to JFHQ-DODIN issued orders, such as Cyber Task Orders (CTO)
• Participate in DoD mandated Zero Trust efforts (initiatives, planning, testing and implementation)

Systems Administration

• Administer Windows and Linux servers, ensuring optimal performance, security, and uptime.
• Manage Active Directory for user account provisioning, authentication, and access control, ensuring compliance with organizational security policies.
• Implement and maintain STIGs to harden system configurations and reduce vulnerabilities across all server environments.

Virtualization and Cloud Management

• Oversee the virtualization of servers using VMware, Hyper-V, or similar technologies, ensuring secure and efficient resource allocation.
• Manage cloud-based services and applications, ensuring they adhere to security policies and best practices.

Risk Management Framework (RMF) Compliance

• Apply RMF principles to assess and manage risk associated with information systems, including categorization, selection of security controls, implementation, assessment, authorization, and continuous monitoring.
• Collaborate with stakeholders to ensure all systems are RMF-compliant and maintain relevant documentation.

Training and Awareness

• Develop and conduct security training programs for staff to enhance awareness of information security best practices and organizational policies.
• Function as a security advisor to other departments, providing guidance on secure system design and implementation.

Documentation and Reporting

• Maintain comprehensive documentation of security processes, incidents, and remediation efforts.
• Prepare and present reports on security posture, vulnerabilities, and incident response efforts to senior management and other stakeholders.

Basic Qualifications:

• Education: Bachelor’s or master’s degree in computer science, Information Technology, Cybersecurity, or a related field. (Additional experience may be substituted in lieu of degree)
• Citizenship: Must be a U.S. citizen
• Security Clearance:  Active secret clearance required – must be able to obtain Top Secret
• Experience: Minimum of 10 years of systems administration or cybersecurity-related experience, specifically within a DoD environment.

Preferred Qualifications:

• Advanced degrees or certifications (CISSP, CISM, CASP, Security+)
• Experience with McAfee ePolicy Orchestrator (ePO) for centralized security management.
• Familiarity with Assured Compliance Assessment Solution (ACAS) for vulnerability scanning and compliance monitoring.
• Technical Skills:
  • Proficient in Windows Server and Linux server management, including installation, security policies, configuration, and troubleshooting.
  • Strong experience with Active Directory, Group Policy, and user account management.
  • Familiarity with STIGs and the ability to apply them effectively to systems.
    • Evaluate-STIG tool.
  • Experience with virtualization technologies (e.g., VMware, Hyper-V) and cloud security practices.
  • Knowledge of network protocols, firewalls, and intrusion detection/prevention systems.
• Security Knowledge:
  • In-depth understanding of information security principles, practices, and frameworks, including RMF and NIST SP 800-53.
  • Experience with risk assessment methodologies and security control selection.
• Soft Skills:
  • Excellent communication and interpersonal skills, with the ability to work collaboratively across teams.
  • Strong analytical and problem-solving abilities, with a keen attention to detail.
  • Self-motivated with a proactive approach to security and system management.

Compensation:

$118,400-177,600

The offered rate will be based on the selected candidate’s knowledge, skills, abilities and/or experience and in consideration of internal parity.

KBR Benefits

KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.

INCLUSION AND DIVERSITY AT KBR

At KBR, we are passionate about our people, sustainability, and our Zero Harm culture.

These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a more inclusive and diverse company. That commitment is central to our team of team’s philosophy and fosters an environment of real collaboration across cultures and locations. Our individual differences and perspectives bring enhanced value to our teams and help us develop solutions for the most challenging problems. We understand that by embracing those differences and working together, we are more innovative, more resilient, and safer.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.