Today
Top Secret/SCI
Unspecified
Unspecified
Engineering - Systems
(On-Site/Office)
As an Information Systems Security Officer with MTSI you will be responsible for ensuring the confidentiality, integrity, and availability of the AFMC Integrated Development Office's information systems. This role involves developing, implementing, and maintaining security policies, procedures, and controls to protect sensitive data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. You will work closely with IT staff, management, and other stakeholders to identify and mitigate security risks, respond to security incidents, and maintain compliance with relevant regulations and standards. This position will be located at Wright-Patterson AFB.
You'll be a great fit for this role if: (SOFT SKILLS)
• Paying attention to detail and providing excellent customer service in a professional environment is a skill you excel at.
• You are passionate about continuous learning and growth, and you seek opportunities to challenge yourself.
• You are driven to make a meaningful impact through your work.
Responsibilities:
Duties to be independently executed include but are not limited to:
• Develop, implement, and maintain comprehensive security policies, standards, and procedures, ensuring alignment with organizational objectives, adherence to regulatory mandates (e.g., NIST, HIPAA, PCI DSS, GDPR), and incorporation of industry best practices; regularly review and update documentation for accuracy and relevance; and effectively communicate these policies to all stakeholders.
• Conduct routine risk assessments to identify vulnerabilities and potential threats to information systems; develop and implement tailored risk mitigation strategies and plans; and continuously monitor and report on the effectiveness of risk management controls.
• Continuously monitor security logs and alerts for suspicious activities indicative of potential security incidents; promptly investigate and respond to security incidents in a timely and effective manner, adhering to established protocols.
• Meticulously document all security incidents and their resolutions, capturing key details for future reference and analysis; actively participate in incident response exercises and simulations to enhance preparedness and refine response strategies.
• Conduct regular security audits and assessments to ensure strict compliance with both internal security policies and external regulatory requirements; diligently identify and address any security vulnerabilities and weaknesses uncovered during audits.
• Proactively prepare for and actively participate in both internal and external audits, providing necessary documentation and support to facilitate a smooth and successful audit process.
• Evaluate and recommend cutting-edge security technologies and solutions to enhance the organization's security posture; oversee the seamless implementation and ongoing maintenance of critical security tools, such as firewalls, intrusion detection/prevention systems (IDS/IPS), anti-malware software, and data loss prevention (DLP) systems.
• Implement and manage granular user access controls and permissions, adhering to the principle of least privilege to minimize the risk of unauthorized access to sensitive data and critical systems.
• Work closely with IT staff, management, and other relevant stakeholders to seamlessly integrate security considerations into all facets of the organization's operations, fostering a culture of security awareness and responsibility.
• Maintain accurate and up-to-date security documentation, including policies, procedures, and incident reports; prepare and present comprehensive security reports to management and other stakeholders, highlighting key findings, trends, and recommendations for continuous improvement of the organization's security posture; stay informed on the latest security threats, vulnerabilities, and technologies.
Qualifications Required:
• 3+ years experience in information security, with a focus on security policy development, risk management, and incident response.
• Experience with security frameworks such as NIST, ISO 27001, or CIS Controls.
• Strong understanding of information security principles and practices.
• Technical writing skills for developing security policies, procedures, and reports.
• Ability to understand technical documentation and vendor information.
Education:
• Bachelor's degree in Computer Science, Information Systems, or other related field.
Even better if you have these desired skills:
Clearance Requirements:
• Must possess an active DoD TS/SCI with in-scope SSBI and SAP eligibility.
• Please note: U.S. Citizenship is required.
You'll be a great fit for this role if: (SOFT SKILLS)
• Paying attention to detail and providing excellent customer service in a professional environment is a skill you excel at.
• You are passionate about continuous learning and growth, and you seek opportunities to challenge yourself.
• You are driven to make a meaningful impact through your work.
Responsibilities:
Duties to be independently executed include but are not limited to:
• Develop, implement, and maintain comprehensive security policies, standards, and procedures, ensuring alignment with organizational objectives, adherence to regulatory mandates (e.g., NIST, HIPAA, PCI DSS, GDPR), and incorporation of industry best practices; regularly review and update documentation for accuracy and relevance; and effectively communicate these policies to all stakeholders.
• Conduct routine risk assessments to identify vulnerabilities and potential threats to information systems; develop and implement tailored risk mitigation strategies and plans; and continuously monitor and report on the effectiveness of risk management controls.
• Continuously monitor security logs and alerts for suspicious activities indicative of potential security incidents; promptly investigate and respond to security incidents in a timely and effective manner, adhering to established protocols.
• Meticulously document all security incidents and their resolutions, capturing key details for future reference and analysis; actively participate in incident response exercises and simulations to enhance preparedness and refine response strategies.
• Conduct regular security audits and assessments to ensure strict compliance with both internal security policies and external regulatory requirements; diligently identify and address any security vulnerabilities and weaknesses uncovered during audits.
• Proactively prepare for and actively participate in both internal and external audits, providing necessary documentation and support to facilitate a smooth and successful audit process.
• Evaluate and recommend cutting-edge security technologies and solutions to enhance the organization's security posture; oversee the seamless implementation and ongoing maintenance of critical security tools, such as firewalls, intrusion detection/prevention systems (IDS/IPS), anti-malware software, and data loss prevention (DLP) systems.
• Implement and manage granular user access controls and permissions, adhering to the principle of least privilege to minimize the risk of unauthorized access to sensitive data and critical systems.
• Work closely with IT staff, management, and other relevant stakeholders to seamlessly integrate security considerations into all facets of the organization's operations, fostering a culture of security awareness and responsibility.
• Maintain accurate and up-to-date security documentation, including policies, procedures, and incident reports; prepare and present comprehensive security reports to management and other stakeholders, highlighting key findings, trends, and recommendations for continuous improvement of the organization's security posture; stay informed on the latest security threats, vulnerabilities, and technologies.
Qualifications Required:
• 3+ years experience in information security, with a focus on security policy development, risk management, and incident response.
• Experience with security frameworks such as NIST, ISO 27001, or CIS Controls.
• Strong understanding of information security principles and practices.
• Technical writing skills for developing security policies, procedures, and reports.
• Ability to understand technical documentation and vendor information.
Education:
• Bachelor's degree in Computer Science, Information Systems, or other related field.
Even better if you have these desired skills:
- Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (CEH)
- Security+
- Creative problem-solving, analytical skills, agile under pressure, and impeccable business judgment.
- Ability to establish priorities, work independently, successfully execute multiple projects, and proceed with objectives with minimal supervision.
- Excellent interpersonal and relationship building skills across several diverse technical and non-technical groups.
Clearance Requirements:
• Must possess an active DoD TS/SCI with in-scope SSBI and SAP eligibility.
• Please note: U.S. Citizenship is required.
group id: RTL041421
