GENERAL JOB SUMMARY:
The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO) and Information System Security Manager (ISSM) on all matters, technical and otherwise. The ISSO will perform a classified cyber security role supporting multiple programs with working knowledge of the Risk Management Framework (RMF).
ESSENTIAL JOB FUNCTIONS:
- Maintains/recommends changes of the cybersecurity program to the ISSM.
- Participates in the development and implementation of security procedures.
- Works with ISSM to develop operational information systems security.
- Leverages guidance pertinent to all applicable directives and publications
- Participates in the generation and maintenance of RMF documentation.
- Plays an active role in monitoring a system and its environment of operation to include developing and updating the system artifacts, managing, and controlling changes to the system and assessing the security impact of those changes, in close coordination with the ISSM.
- Reviews artifacts pertinent to an information system ensuring Authorization to Operate (ATO) compliance.
- Coordinates with ISSM/CPSO on approval of external information systems
- Maintains, per individual system and its accreditation, a baseline of configuration, hardware, software, and firmware.
- Maintains, updates, and executes information system continuous monitoring plan.
- Ensures data ownership and responsibilities are established for each IS and specific requirements (e.g., accountability/access/special handling requirements) are enforced.
- Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
- Ensures adherence to these information system security policies and procedures.
- Ensures proper procedures are followed, per the Cyber Incident Response Plan, when information system security incidents are discovered.
- Disseminates appropriate documentation to all applicable personnel.
- Ensures initial, annual and “as needed” training is accomplished and documented.
- Ensures events captured are as outlined in applicable directives and publications.
- Coordinates with disinterested parties to employ various intrusion attacks.
- Ensures all system security-related vulnerabilities are documented and ensure serious/unresolved violations are reported to the AO/DAO
- Advises users on the proper operation of a specific IS as outlined in its SCTM.
- Assists SAs in the approved maintenance procedures as approved by the ATO.
- Provides guidance, based on component classification, before purging and release
- Confirms domain/local policies are configured to meet regulatory requirements.
- Monitors system backup and recovery processes to ensure security features and procedures can be properly restored and are functioning correctly.
- Coordinates any configuration changes of a system with the ISSM prior to the change.
- Assesses changes to the system/operational needs that could affect its accreditation.
- Voting/veto member of the CCB for all systems.
- Assists with coordination between Kratos Security and Defense and Government authorities regarding system security posture requirements.
- Participates in information system security inspections, tests, and reviews.
- Ensures ISSM understands inspection timelines, operational impacts, and results.
- Attends required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
- Maintains a working knowledge of system functions, security policies, technical security safeguards and operational security measures.
- Assist with development of an effective information system security education, training, and awareness program.
- Prepares audit/event reports for ISSM review, highlighting any/all anomalies.
- Participates in scheduling periodic testing to evaluate the security posture of IS.
- Ensures systems are operated, maintained, and disposed of according to the policies and procedures outlined in the security authorization package.
- Ensures system administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
- Serves as member of the configuration change board (CCB).
- The ISSO shall assume ISSM responsibilities in the absence of or if no ISSM is assigned.
- Assists the ISSM in meeting their duties and responsibilities.
- Interfaces with internal and external customers, program managers, IT, security staff, etc.
- Maintains required DoDD 8570.01 IAM level II certifications.
Other Job Functions
- Provides technical guidance as a non-voting member of the configuration change board.
- Serve as a member of the COMSEC Team
Experience and Skills
KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
- Ability to maintain sensitive and confidential information as required by government standards.
- Ability to interact effectively with peers and supervisors.
- Ability to interact appropriately with the public when necessary.
- Ability to adhere to workplace rules.
- Ability to effectively communicate professionally in writing or verbally with all levels of personnel.
EDUCATION AND EXPERIENCE:
- Must have active security clearance (within 5 years of last investigation)
- BS/BA in Information Technology, Computer Science
- 2+ years of ISSO experience in a TS/SCI environment supporting a government customer or 7+ years as System Administrator/Cyber Support to classified systems
- Must be willing and able to be SAP briefed
- Experience conducting vulnerability scans and interpreting results
- Certification level to meet DOD Directive 8570.01-M IAM II requirements
- Security + or Higher Certification
WORK ENVIRONMENT / PHYSICAL REQUIREMENTS:
- Office and/or manufacturing environment
- Ability to stand and sit for long periods of time
- Ability to perform repetitive motion (keyboarding, 10-key, phones)
- Ability to lift up to 50 pounds
- May work extended hours or weekends and have on-call schedule/duties.
- 25-50% – May be required between customer site and/or other KUAS locations.
To apply for this job please visit kratosdefense.submit4jobs.com.