Information System Security Officer (ISSO)

Overview

The Information System Security Officer (ISSO) position is responsible for supporting the implementation, assessment, and monitoring of security requirements across multiple Electric Boat (EB) Information Systems (IS) supporting the U.S. Navy.  This position reports directly to the Chief of Cybersecurity.   

The successful candidate must possess sufficient understanding, knowledge, and experience to ensure EB ISs are operated and maintained in compliance with all policies and procedures required by the National Industrial Security Program Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), Risk Management Framework (RMF) process, and National Institute of Standards and Technology [NIST] Special Publications [SP] 800-53 (NIST SP 800-53). 

This position requires a balance of technical knowledge and experience, with strong documentation and reporting skills.  Responsibilities include:

• Developing and maintaining security plan documents (hardware and software baselines, diagrams, user lists)
• Reviewing, processing, and tracking configuration management requests and risk assessments
• Processing user agreement forms; ensuring users complete necessary training and meet requirements for access
• Developing and maintaining system specific policies and procedures
• Working with system/network administrators to verify Operating System (OS) and network device configurations, and ensure compliance with other technical requirements and configurations
• Monitoring and analyzing user and system activity
• Monitoring compliance with vulnerability management requirements
• Supporting incident response activities
• Working closely with the Information System Security Manager (ISSM), as well as other system stakeholders
• Providing guidance and support on security requirements and implementation
• Supporting internal and external inspections and assessments
• Supporting system assessment, authorization, and continuous monitoring efforts

NOTE:  This is not a remote position.  

Qualifications

Requirements:

• U.S. Citizenship
• Ability to obtain and maintain a DoD SECRET clearance
• Minimum of A.S. Degree (or higher) in Cybersecurity, Information Technology (IT) or Equivalent, or related certifications OR a minimum of a high school degree and 1+ years related working experience
• Technical understanding of and experience with Windows and/or Linux operating systems
• Working knowledge of computer networking concepts

  Preferred Qualifications:

• Working knowledge of the NISPOM, DAAPM, RMF process and NIST SP 800-53 Controls
• Experience with Enterprise Mission Assurance Support Service (eMASS)
• Experience monitoring and analyzing user and system activity
• Experience with monitoring security relevant applications (e.g. audit collection, vulnerability management, Security Information Event Monitoring (SIEM))
• Two or more years of experience as an ISSM, ISSO, System/Network Engineer/Architect/Administrator, or in an Equivalent RMF role
• Professional Cybersecurity certification (e.g. Security+, Network+, CISSP)

Skills

• Strong interpersonal, communication, organizational, and time management skills
• Ability to work independently, and collaboratively as part of a multi-functional team in a fast paced and challenging environment
• Strong documentation development and management skills