Information System Security Officer (ISSO)
Boulder, Colorado, United States
Full Time Mid-level / Intermediate Clearance required USD 110K - 120K
LinQuest is seeking an Information Systems Security Officer (ISSO) to join our team supporting the Space Systems Command (SSC) at the Tools Applications and Processing (TAP) Lab in Boulder CO. Candidates selected will focus on Information Assurance and Risk Management Framework to support the Sensor Exploitation Ground Architecture (SEGA) ground segment network architecture operations.
Key Responsibilities:
- Recommending resource allocations required to securely operate and maintain the network enterprise (NE) IA requirements.
- Participating in information system risk assessment during the A&A process
- Developing security requirements for hardware, software, and service acquisitions specific to NE IA SEGA/TAP networks
- Ensuring NE IS recovery processes are monitored and that IA features and procedures are properly restored.
- Identifying alternative functional IA security strategies to address SEGA/TAP NE security concerns and develop plans capable of implementation.
- Ensuring all IA inspections, tests, and reviews are coordinated for the NE
- Evaluating the adequacy of security measures proposed or provided in response to requirements listed in acquisition and operations documents
- Developing and implement programs to ensure systems, network, and data users are aware of, understand, and follow NE and IA policies
- Evaluating IT enclave systems and assess risk posture and system security findings and recommend mitigation and /or remediation actions.
Required Skills and Experience:
- Bachelor’s Degree in Computer Science or related discipline or 10+ years’ experience in the IT/Cyber industry
- A minimum of 2-5 years of experience as an ISSO
- Experience using RMF and ITIPS
- Incident management and response experience
- Experience analyzing vulnerabilities, assessing risk and ultimately making a risk recommendation to the AO. This includes in-depth knowledge and experience with requirements risk management, security engineering, and security architecture
- Experience in utilizing enterprise computer forensic tools (e.g., ArcSight, Palantir)
- Experience with computer networking concepts and protocols, and network security methodologies
- Experience with risk management processes (e.g., methods for assessing and mitigating risk)
- Experience with and knowledge of Information Assurance (IA), computer network attack (CNA), computer network defense (CND), and computer network exploitation (CNE) concepts, practices, and tools for the administration of classified and unclassified DoD computer networks and systems
- Experience with and knowledge of DoD and US Government (USG) information system (IS) accreditation and certification policies, standards, and governance, to include, and NIST FIPS Publications, DoDI 8500.2, and DISA STIGs
- Security+ certification
- CISSP certification
- TS/SCI Security Clearance is required to be considered for this position
- Ability to determine how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
- Ability to determine how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes
- Ability to identify measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system
- Ability to prioritize and deconflict targets for CND and CNA activities
- Ability to conduct collateral effects and blowback assessments
- Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements)
- Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations
- Ability to conduct, review, and assess the results of security audits and A&A packages
- Ability to create technical correspondence, standard operating procedures (SOPs), and other repeatable processes
- Ability to analyze, collate, organize, report on, respond to, and develop solutions to threats, risks, and exposures of DoD networks
- Ability to advise IA teams in the DoD to support execution of technical countermeasure, to include but not limited to IAVA, IAVB, CTO, Warning Orders, and Situational Awareness Reports (SARs)
- Ability to recommend and establish DoD strategic priorities and apply available assets to investigate/isolate issues of the greatest interest
- Ability to communicate complex technical and programmatic information, concepts, or ideas in a confident and well-organized manner
- Ability to prepare and complete configuration management of program schedule, acquisition, and milestone decision documentation
- Must be able to demonstrate understanding and implementation of risk analysis, generating risk reports, and providing recommendations for risk mitigation
- Must have experience creating policies that reflect system security objectives
- Understanding of current DoD Acquisition Policy
- Working with military and other government representatives, FFRDC (Aerospace) representatives, and SMC's prime contractors, sub-contractors, and vendors.
- Strong written and verbal communications skills
- Ability to develop solutions for complex technical issues with limited supervision.
- Travel (25%) to Buckley AFB CO
Compensation
• Starting salary ranges from $110,000 to $120,000 depending on relevant experience and qualifications.
Benefits
• LinQuest offers comprehensive and competitive benefit offerings to our team members to include medical, dental, vision, retirement, paid time off, company paid life insurance, and more! For additional information please visit: https://www.linquest.com/careers/our-benefits
Why LinQuest?
LinQuest Corporation has a stellar 40-year track record of providing end-to-end system-of-systems (SoS) architecture definition, engineering design, integration and test, and operations expertise to enable full lifecycle development and deployment of pre-eminent Space, Air, Land, Sea, Ground, and Cyberspace game-changing capabilities across US DOD and IC Customers’ portfolios. Unique combination of in-depth domain knowledge, lessons learned-honed best practices, and mission-specific applications of principles, tools, and techniques of Digital Engineering (DE), DE Ecosystem (DEE), and Model-Based Systems Engineering (MBSE) set LinQuest apart from the competition to consistently deliver stellar high-value results for our customers. LinQuest’s corporate vision and values place the employee at the center of utmost customer satisfaction, strategic business growth, and tactical execution excellence. Our employees’ creative and inspirational drive, sense of fulfillment of personal and professional growth, and tightknit camaraderie within and across lines of business are essential in gaining and maintaining exceptional LinQuest corporate-wide results of new business awards and renewed contracts.
Tags: ArcSight Audits CISSP Clearance CND Computer Science DISA DoD Governance Network security NIST Risk analysis Risk assessment Risk management RMF Security Assessment Report Security Clearance STIGs TS/SCI Vulnerabilities
Perks/benefits: Career development Competitive pay Health care Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs