Jul 15
Secret
Early Career (2+ yrs experience)
$100,000
No Traveling
IT - Security
King George, VA (On/Off-Site)
Position Summary:
As an Information Security Systems Officer (ISSO) supporting Kitty Hawk Technologies Department of Defense (DoD) contracts, you will be responsible for maintaining the cybersecurity posture of classified and unclassified information systems. You will ensure compliance with DoD cybersecurity policies and standards, including the Risk Management Framework (RMF), NIST Special Publications, and DoD Instructions (e.g., DoDI 8500.01 and 8510.01). The ISSO works closely with the FSO, IT staff, and program stakeholders to ensure systems meet and maintain authorization to operate (ATO).
Key Responsibilities:
• Implement and maintain security controls in compliance with DoD RMF, NIST SP 800-53, and DoDI 8510.01.
• Maintain and update System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and related security documentation.
• Support system Assessment and Authorization (A&A) activities to obtain and maintain Authority to Operate (ATO).
• Conduct and document regular security reviews, risk assessments, and audit log analysis.
• Assist with vulnerability scanning and remediation (e.g., ACAS, Nessus, STIGs, SCAP).
• Enforce security policies, procedures, and guidelines for users, developers, and administrators.
• Report and respond to security incidents in coordination with ISSM and Security Operations teams.
• Provide technical input on security architectures for new and existing systems.
• Support classified network (e.g., SDREN, SIPR) establishment and maintenance activities and coordination with Navy and DCSA representatives to meet security and infrastructure requirements.
• Participate in security inspections and assessments by government agencies (e.g., DCSA, DISA).
• Ensure proper handling, marking, and safeguarding of Controlled Unclassified Information (CUI) and classified information.
• Support Continuous Monitoring (ConMon) activities and system patching initiatives.
Required Qualifications:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline.
• 3+ years of experience in DoD cybersecurity, including RMF and NIST 800-53 compliance.
• Active DoD Secret security clearance or higher.
• Familiarity with DISA STIGs, SCAP tools, eMASS, and vulnerability management tools.
• Experience with A&A processes and associated documentation and submission of RMF packages.
• Experience coordinating with DCSA
• DoD 8570 IAT Level II or IAM Level I certification (e.g., Security+, CAP, GSLC, CISM, CISSP).
Preferred Qualifications:
• Top Secret or TS/SCI clearance.
• Experience with cloud-based systems (e.g., AWS GovCloud, Azure Government) and FedRAMP requirements.
• Familiarity with JSIG, CNSSI 1253, and classified system requirements.
• Knowledge of network architectures and system hardening techniques.
• Experience with Xacta, Splunk, ACAS, Nessus, and Host-Based Security System (HBSS/ESS).
Key Competencies:
• Detail-oriented with excellent documentation and organizational skills.
• Strong communication skills to interface with government customers, engineers, and auditors.
• Ability to manage multiple priorities and deadlines in a high-security environment.
• Team player with a proactive attitude toward cybersecurity risk management.
Work Environment and Additional Requirements:
• On-site support is required.
• Must be a U.S. Citizen due to DoD contract requirements.
Equal Opportunity Statement:
Kitty Hawk Technologies is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
As an Information Security Systems Officer (ISSO) supporting Kitty Hawk Technologies Department of Defense (DoD) contracts, you will be responsible for maintaining the cybersecurity posture of classified and unclassified information systems. You will ensure compliance with DoD cybersecurity policies and standards, including the Risk Management Framework (RMF), NIST Special Publications, and DoD Instructions (e.g., DoDI 8500.01 and 8510.01). The ISSO works closely with the FSO, IT staff, and program stakeholders to ensure systems meet and maintain authorization to operate (ATO).
Key Responsibilities:
• Implement and maintain security controls in compliance with DoD RMF, NIST SP 800-53, and DoDI 8510.01.
• Maintain and update System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and related security documentation.
• Support system Assessment and Authorization (A&A) activities to obtain and maintain Authority to Operate (ATO).
• Conduct and document regular security reviews, risk assessments, and audit log analysis.
• Assist with vulnerability scanning and remediation (e.g., ACAS, Nessus, STIGs, SCAP).
• Enforce security policies, procedures, and guidelines for users, developers, and administrators.
• Report and respond to security incidents in coordination with ISSM and Security Operations teams.
• Provide technical input on security architectures for new and existing systems.
• Support classified network (e.g., SDREN, SIPR) establishment and maintenance activities and coordination with Navy and DCSA representatives to meet security and infrastructure requirements.
• Participate in security inspections and assessments by government agencies (e.g., DCSA, DISA).
• Ensure proper handling, marking, and safeguarding of Controlled Unclassified Information (CUI) and classified information.
• Support Continuous Monitoring (ConMon) activities and system patching initiatives.
Required Qualifications:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline.
• 3+ years of experience in DoD cybersecurity, including RMF and NIST 800-53 compliance.
• Active DoD Secret security clearance or higher.
• Familiarity with DISA STIGs, SCAP tools, eMASS, and vulnerability management tools.
• Experience with A&A processes and associated documentation and submission of RMF packages.
• Experience coordinating with DCSA
• DoD 8570 IAT Level II or IAM Level I certification (e.g., Security+, CAP, GSLC, CISM, CISSP).
Preferred Qualifications:
• Top Secret or TS/SCI clearance.
• Experience with cloud-based systems (e.g., AWS GovCloud, Azure Government) and FedRAMP requirements.
• Familiarity with JSIG, CNSSI 1253, and classified system requirements.
• Knowledge of network architectures and system hardening techniques.
• Experience with Xacta, Splunk, ACAS, Nessus, and Host-Based Security System (HBSS/ESS).
Key Competencies:
• Detail-oriented with excellent documentation and organizational skills.
• Strong communication skills to interface with government customers, engineers, and auditors.
• Ability to manage multiple priorities and deadlines in a high-security environment.
• Team player with a proactive attitude toward cybersecurity risk management.
Work Environment and Additional Requirements:
• On-site support is required.
• Must be a U.S. Citizen due to DoD contract requirements.
Equal Opportunity Statement:
Kitty Hawk Technologies is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
group id: 91099564
