Information Systems Security Officer

We are seeking a talented and motivated individual to join as a Junior-level Information Systems Security Officer (ISSO). As an ISSO, you will play a critical role in ensuring the confidentiality, integrity, and availability of our information systems and data by implementing and maintaining robust security measures. You will work closely with our security team to identify vulnerabilities, develop security strategies, and enforce policies and procedures to safeguard our organization against potential threats

Responsibilities

• Assist in the development, implementation, and enforcement of information security policies and procedures.
• Conduct regular risk assessments and vulnerability scans to identify potential security gaps and recommend appropriate mitigation strategies.
• Collaborate with system administrators, network engineers, and other IT teams to ensure secure configurations are implemented and maintained for all systems and networks.
• Monitor security logs and investigate security incidents, reporting findings and recommending remedial actions as necessary.
• Assist in the preparation, maintenance, and submission of accreditation and compliance documentation in accordance with relevant regulations and standards.
• Develop and deliver training programs to raise awareness among employees regarding information security best practices.
• Stay abreast of emerging security threats, trends, and technologies to proactively identify potential risks and recommend appropriate countermeasures.
• Provide support during security audits and assist in the implementation of audit recommendations.
• Assist with incident response activities, including forensic analysis, containment, and recovery, as needed.
• Participate in security-related meetings and collaborate with stakeholders to address security concerns, ensuring alignment with organizational objectives.

Requirements

• Bachelor’s degree in computer science, Information Technology or related field.
• Must be a US citizen and pass a background investigation.
• Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD)
• Relevant certifications such as Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are a plus.
• Basic understanding of information security principles, concepts, and best practices.
• Knowledge of networking concepts, operating systems, and common cybersecurity tools.
• Strong analytical and problem-solving skills to identify and resolve security issues.
• Excellent communication and interpersonal skills to collaborate effectively with Engineering teams and stakeholders.
• Attention to detail and the ability to prioritize tasks in a fast-paced environment.
• Ethical mindset and commitment to maintaining confidentiality and integrity of sensitive information.
• Up-to-date knowledge of current and emerging cybersecurity threats and trends.
• Minimum of 1 year of experience supporting an ISSO/ISSM in the development of Security Authorization requirements by providing technical expertise of system implementation. Includes providing technical evidence in support of A&A processes. Includes experience with NIST RMF
• Basic understanding of industry best practices related to the implementation of cybersecurity tools, information security policy, NIST, and FISMA controls.