Information Systems Security Officer (ISSO)
Applied Research Associates (ARA), Inc. has an immediate need for an experienced IT Professional to serve as an Information Systems Security Officer (ISSO) for the Integrated Missions System (IMS) Sector on-site in our Raleigh, NC office. In this position, you will manage information systems that adhere to government regulations in a Sensitive Compartmented Information Facility (SCIF) environment, these duties include maintaining and monitoring compliant information systems for use on Sensitive Compartmented Information (SCI) government contracts.
The ISSO will provide mission-critical support by:
* Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures.
* Performing vulnerability assessments using Tenable Nessus, Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks.
* Implementing operating system and network device security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
* Performing security control selection, tailoring, implementation, and assessment.
* Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
* Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
* Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the information systems.
* Conduct periodic reviews of information systems to ensure compliance with the security authorization package.
Information Systems Security Officer (ISSO) Qualifications:
* US Citizen with an active DoD Top Secret clearance with SCI eligibility.
* Bachelor’s degree with 2-4 years of Information Assurance/Cybersecurity (IA/CS) experience, equivalent professional experience (at least 8 years) will be considered for talented candidates without a degree.
* Experience with security controls and implementation delineated in Committee of National Security Systems Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST), Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG).
* Assist in ensuring compliance with Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs), and Security Technical Implementation Guides (STIGs).
* Experience with Risk Management Framework (RMF) DODI 8510.01.
* Experience implementing operating systems and network devices security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
* Experience performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information system.
* Experience with Intelligence Community Directive (ICD) 705, DoDD 5205.07, and DOD 5205.07-M Volumes 1-4, Special Access Program (SAP) Policy, and the Joint Special Access Program Implementation Guide (JSIG).
* Strong written and verbal communication skills.
Information Systems Security Officer (ISSO) Skills and Certification Requirements:
* Possess DoD Approved Baseline Certification as Information Assurance Manager Level I or IATT Level II in accordance with DoD 8570.01-M. (i.e., CompTIA Security+, CySA+) ISC2 CISSP preferred.
* Ability to work independently and exercise good judgment.
* Strong troubleshooting skills.
* Strong Network experience preferred.
* Experience with performing system audits and vulnerability scans.
* XACTA experience preferred.
* COMSEC custodian experience preferred.
Who is ARA?
Do you want to work for a purpose? Applied Research Associates, Inc. (aka ARA) is an employee-owned international research and engineering company. We have been providing technically superior solutions to complex and challenging problems in the physical sciences since 1979. ARA has over 2,128 employee owners and continues to grow rapidly. Together, our offices throughout the U.S. and Canada provide a broad range of technical expertise in defense, civil, and health technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement.
ARA also prides itself, on having a challenging culture where innovation & experimentation are the norm. The motto, “Engineering and Science for Fun and Profit” sums up the ARA experience. Employee ownership ensures you have a voice with what happens in the company. We are also very proud of our Women’s Initiative Network (WIN), whose purpose is to motivate, support, and encourage professional career development for women to maximize career and professional accomplishments.
To find out more about what the Integrated Mission Systems Sector has to offer, visit our website at: https://www.ara.com/benefits/
Experience
Required
* 2 - 4 years: Relevant Work Experience
* 2 - 4 years: RMF Process
Education
Preferred
* Bachelors or better in Information Technology or related field
Licenses & Certifications
Required
* Comp TIA Security+
Preferred
* Cert Info Sys Secur Prof
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)