Information Systems Security Officer (ISSO)
Raleigh, North Carolina, United States
Full Time | Mid-level / Intermediate | Clearance required | USD 50K - 93K *
ARA
ARA is globally recognized for applying technically-excellent, in-depth and diversified research, engineering, and technical support services to provide answers to complex and challenging problems in the physical sciences. We approach every...
Applied Research Associates (ARA), Inc. has an immediate need for an experienced IT Professional to serve as an Information Systems Security Officer (ISSO) for the Integrated Missions System (IMS) Sector on-site in our Raleigh, NC office. In this position, you will manage information systems that adhere to government regulations in a Sensitive Compartmented Information Facility (SCIF) environment. These duties include maintaining and monitoring compliant information systems for use on Sensitive Compartmented Information (SCI) government contracts.
The ISSO will provide mission-critical support by:
- Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures.
- Performing vulnerability assessments using Tenable Nessus, Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks.
- Implementing operating system and network device security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
- Performing security control selection, tailoring, implementation, and assessment.
- Ensuring all IS security-related documentation is current and accessible to properly authorized individuals.
- Coordinating any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change.
- Ensuring all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities, before granting access to the information systems.
- Conducting periodic reviews of information systems to ensure compliance with the security authorization package.
Information Systems Security Officer (ISSO) Qualifications:
- US Citizen with an active DoD Top Secret clearance with SCI eligibility.
- Bachelor’s degree with 2-4 years of Information Assurance/Cybersecurity (IA/CS) experience; equivalent professional experience (at least 8 years) will be considered for talented candidates without a degree.
- Experience with security controls and implementation delineated in Committee on National Security Systems Instruction (CNSSI) 1253, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, and the Joint Special Access Program Implementation Guide (JSIG).
- Assist in ensuring compliance with Department of Defense (DoD) regulations, Intelligence Community Directives (ICDs), and Security Technical Implementation Guides (STIGs).
- Experience with Risk Management Framework (RMF) DODI 8510.01.
- Experience implementing operating system and network device security configuration in accordance with Defense Information Systems Agency (DISA) approved Security Technical Implementation Guides.
- Experience performing security control continuous monitoring, security audits, and risk analysis, and developing mitigation strategies for DoD information systems.
- Experience with Intelligence Community Directive (ICD) 705, DoDD 5205.07, and DOD 5205.07-M Volumes 1-4, Special Access Program (SAP) Policy, and the Joint Special Access Program Implementation Guide (JSIG).
- Strong written and verbal communication skills.
Information Systems Security Officer (ISSO) Skills and Certification Requirements:
- Possess DoD Approved Baseline Certification as Information Assurance Manager Level I or IATT Level II in accordance with DoD 8570.01-M (i.e., CompTIA Security+, CySA+); ISC2 CISSP preferred.
- Ability to work independently and exercise good judgment.
- Strong troubleshooting skills.
- Strong network experience preferred.
- Experience with performing system audits and vulnerability scans.
- Minimum of 3 years of XACTA experience.
- COMSEC custodian experience preferred.
Who is ARA?
Do you want to work for a purpose? Applied Research Associates, Inc. (aka ARA) is an employee-owned international research and engineering company. We have been providing technically superior solutions to complex and challenging problems in the physical sciences since 1979. ARA has over 2,128 employee owners and continues to grow rapidly. Together, our offices throughout the U.S. and Canada provide a broad range of technical expertise in defense, civil, and health technologies, computer software and simulation, systems analysis, environmental technologies, and testing and measurement.
ARA also prides itself on having a challenging culture where innovation & experimentation are the norm. The motto, “Engineering and Science for Fun and Profit,” sums up the ARA experience. Employee ownership ensures you have a voice in what happens in the company. We are also very proud of our Women’s Initiative Network (WIN), whose purpose is to motivate, support, and encourage professional career development for women to maximize career and professional accomplishments.
To find out more about what the Integrated Mission Systems Sector has to offer, visit our website at: https://www.ara.com/benefits/
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CISSP Clearance Compliance CompTIA DISA DoD DoDD 8570 Monitoring Nessus NIST NIST 800-53 Risk analysis Risk management RMF SAP SCAP STIGs Top Secret Top Secret Clearance Vulnerability scans
Perks/benefits: Career development Health care