Information System Security Officer (ISSO) (SME)

Who We Are!

Aetos Systems, Inc. was founded in early 2007 to provide a unique work experience. Employees are the foundation of our business. Our leaders work hard every day to empower and support our employees in the development of their careers, giving back to their community and providing their expertise and innovations to our customers - solving real world business problems. Our culture focuses on our people -- our strongest asset -- ensuring they have an environment to provide best-in-class service and solutions to our customers. We always strive to do the right thing.

Have you imagined working for a dynamic small business where you are heard, highly regarded and able to do what you love all in one package? This is your opportunity! Join now!

Job Summary

The Information System Security Officer (ISSO) (SME) serves as the principal advisor to the Information System Owner (SO), Business Process Owner, and the Chief Information Security Officer (CISO) or Information System Security Manager (ISSM) regarding the security of information systems. This subject matter expert is responsible for ensuring the consistent implementation and maintenance of security controls to safeguard systems from unauthorized modification, disclosure, or destruction. The ISSO provides strategic guidance, supports compliance efforts, and evaluates the effectiveness of security procedures, making recommendations for continuous improvement.

Responsibilities may include:

• Advise the Information System Owner, Business Process Owner, and CISO/ISSM on all technical and non-technical matters related to system security.
• Ensure that all required security controls are implemented and maintained throughout the system lifecycle.
• Direct and enforce procedures to cost-effectively protect information systems from both intentional and unintentional threats.
• Provide guidance to internal teams on the physical and digital protection of information system assets.
• Monitor and assess system security posture and prepare reports evaluating the effectiveness of current controls.
• Make informed recommendations for improving data security practices and adopting new protective procedures.
• Support compliance with applicable federal regulations, agency policies, and security frameworks.

Requirements

Required Minimum Education

• Education should be consistent with experience. Relevant experience and professional certifications can outweigh the need for a formal college degree

Required Years of Experience

• 10 years of relevant professional work experience

Required Skills, Qualifications, Technical Experience, etc.

• Fully Adjudicated Top Secret (TS) Security Clearance or greater
• Microsoft Windows, Active Directory
• Understanding of NIST 800 series publications and Federal Information Security Management Act (FISMA) compliance

Preferred Skills, Qualifications, Technical Experience, etc.

• VMWare vSphere 7 experience
• Cisco Networking
• Dell Server, and SAN Storage hardware experience
• Familiarity with system accreditation and authorization and the FBI’s ATO processes
• Experience evaluating, documenting, and managing NIST 800-53 control implementations
• Experience with GRC tools (RiskVision, Xacta and JCAM)
• Microsoft Windows Server Hybrid Administrator Associate
• VMware Data Center Virtualization (VCP-DCV), Cisco Certified Network Professional (CCNP)
• Certified Information Systems Security Professional (CISSP)
• NIST NICE Work Roles - Systems Administration (IO-WRL-005); Network Administration (IO-WRL-004); Systems Authorization (OG-WRL-13)

Benefits

What we offer:

• Competitive salaries
• Education and professional development assistance
• Multiple healthcare benefit packages & 24/7 virtual on-demand doctors’ visits
• 401K
• Dave Ramsey’s SmartDollar Financial Wellness program
• Civic Leave – time off to support your favorite charity or community
• Paid time off for personal leave and holidays