Information Security System Officer (ISSO) - San Diego, CA

The Information Security System Officer develops information system solutions following Risk Management Framework (RMF) with implementations following JSIG, DAAPM, and CMMC. The ISSO assists the ISSM in the responsible for attaining and maintaining system assessments and authorizations through government authorizing agencies from requirements through operational deployment. The ISSO also coordinates requirements with DoD agencies (e.g. DCA, OSI PJ, etc.) to ensure mission accomplishment and the protection of sensitive information.
This position will require Special Access Program access-- SAP experience is highly desired with at a minimum Secret Clearence. Interacts with agencies such as DARPA, DCSA, OSI PJ, continuous review of EMASS/Program packages, setting up and managing our computer networks, and completing audits between our two locations in Irvine, CA, and Poway, CA. Maintains compliance of accredited information systems based on federal and DoD security standards and creates and maintains the System Security Plans (SSP) and associated documentation.

Core Responsibilities

• Ensures classified systems follow government and company regulations while still meeting program demands and operating in an accredited state.
• Assist with the design, development and implementation of programs, procedures and systems for secure facilities; ensures facility compliance with requirements for classified information system processing.
• Assists and conducts risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
• Assesses system security threats and risks and provide leadership in the implementation of corrective action.
• Maintains knowledge of applicable policies, regulations, and compliance documents related to classified computing assets and environments.
• Assists with security reviews, tests, and audits of information technology systems and DoD Cybersecurity On-Site Inspections; ensures periodic self-inspections are conducted.
• Plans designs and develops strategic initiatives to ensure secure operation and requirements are met.
• Represents the organization as an alternate contact with internal and external representatives
• Assist/develop curriculum and course contents and implements training.
• Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
• Create and Maintain documentation (policies, procedures, and artifacts) following RMF.

Minimum Qualifications

• Education Requirements:
• Bachelor’s degree in criminal justice, Security Management, Business Administration, Political Science, or a related field is OR Minimum of 5 years of ISSO or Cybersecurity policy/engineering experience
• 
  
• Technical Requirements:
• Experience with incident response, disaster recovery, and forensics principles.
• Proficient in writing RMF authorization packages and ushering them through the A&A process.
• Must demonstrate a broad understanding of information assurance principles, theories, concepts and techniques.
• Experience in continuous monitoring and cybersecurity hygiene for Windows/Ubuntu domains and network enclaves, as well as designing, building, and maintaining information system enclaves.
• Proficient with multiple Government information security policies and regulations: e.g. Risk Management Framework (RMF), ICD-503, JSIG, and NIST 800 series special publications.
• Possess DoD 8570 IAM Level II/III certification (condition of employment)
• Experience in designing computing hardware and networking, along with expertise in security-relevant tools, systems, and applications such as NESSUS, ACAS, DISA STIGs, SCAP, and HBSS.


• Additional Requirements:
• Passion for solving complex problems with little supervision in a fast-moving team.
• Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, and sometimes ambiguous environment.
• Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
• to collaborate across multiple teams.



• Travel Requirements
• Willing to travel for company business between our Irvine, CA and Poway, CA locations, as well as to customer sites. (~10%)


• Security Requirements
• Must be a US Citizen that holds an active DoD Secret clearance and all Special Program accesses (condition of employment)

EpiSci is proud to be an equal opportunity and affirmative action employer. We are committed to equal employment opportunity regardless of race, color, religion, sex, sexual orientation, age, marital status, disability, gender identity or Veteran status. We value our differences and we’re excited to learn what you can add to our team.
Don't meet every single requirement? At EpiSci, we're committed to building a diverse, inclusive, and authentic workforce, so if you're excited about this role but your previous experience doesn't align perfectly with every qualification, we encourage you to apply anyway! You may be the perfect candidate for this or another role at EpiSci.