Posted today
Top Secret/SCI
Unspecified
Unspecified
Security
Dayton, OH (On-Site/Office)
Information Systems Security Officer (ISSO) - Dayton, OH
As an Information Systems Security Officer (ISSO) with MTSI you will support the DAF PAE C3BM office. This position requires active collaboration across multiple organizations and lines of effort. This position will be located at MTSI's Beavercreek, Ohio office. The individual filling this role will have the detailed knowledge and expertise required to manage the security aspects of an information system and is assigned responsibility for the day-to-day security operations of a system. This will include enterprise level IT system management, physical and environmental protection, managing system accesses, incident handling, and security training and awareness.
Your essential job functions will include, but may not be limited to:
• Serve as a key security advisor for assigned information systems, providing guidance on all matters of information assurance and cybersecurity
• Prepare, review, and update authorization packages for IT Systems at various security levels
• Conduct regular system security audits, vulnerability assessments, and risk analysis
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package
• Assist in implementation of the required government policy (i.e., JSIG, NISPOM, SP-800-171, SP-800-53, RMF) for site-hosted information systems and makes recommendations on process tailoring
• Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems
• Perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
• Ensure all users have the requisite security clearances, authorizations, and need-to-know, and are indoctrinated prior to accessing the system
• Analyze and review system audit logs to detect and respond to security incidents and unauthorized activity
• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media at various security levels
• Develop and maintain System Security Plans (SSP), Plans of Action & Milestones (POA&M), and other security documentation
• Manage and control changes to the system and assess the security impact of those changes
• Performs extensive analyses to validate established security requirements and to recommend additional security requirements and safeguards
• Periodically conduct reviews of each system's audits and monitors corrective actions until all actions are closed
• Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
Qualifications
• 5+ years' relevant experience with demonstrated performance in roles such as System Administrator, Network Administrator, or ISSO is required
• A current Information Assurance Manager (IAM) Level I (CAP, Security+ CE) or comparable certification in accordance with DoD 8570.01-M is required
• Experience working on classified and special access programs is required
• Must be located within commuting distance of Beavercreek, OH to support in-person attendance needs
• Experience with DOD 8500.01, Risk Management Framework (RMF) requirements as well as experience in drafting, submitting, and maintaining RMF packages, Experience with Joint Special Access Program (SAP) Implementation Guide (JSIG) packages is required
• Experience in development and maintaining of RMF Documents including System Security Plans (SSP), System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts is required
• Experience with COMSEC equipment management and maintenance
• Experience with classified material destruction policies and procedures
• Experience in TPI based security and roles
• Understanding of SAP and SCI annual inspections and requirements
Education Requirements
• Bachelor's degree in computer, information systems management or related field from an accredited college or university or equivalent experience
• Experience may be considered in substitution for education
Desired Requirements
• Experience working on-site in a government client environment
Travel
• Routine travel is not expected for this role; however, there may be infrequent travel required for training or meetings
Clearance Requirements
• Must possess an active Top-Secret security clearance with SCI and SAR eligibility
• U.S. Citizenship is required for this position
#LI-HP1
As an Information Systems Security Officer (ISSO) with MTSI you will support the DAF PAE C3BM office. This position requires active collaboration across multiple organizations and lines of effort. This position will be located at MTSI's Beavercreek, Ohio office. The individual filling this role will have the detailed knowledge and expertise required to manage the security aspects of an information system and is assigned responsibility for the day-to-day security operations of a system. This will include enterprise level IT system management, physical and environmental protection, managing system accesses, incident handling, and security training and awareness.
Your essential job functions will include, but may not be limited to:
• Serve as a key security advisor for assigned information systems, providing guidance on all matters of information assurance and cybersecurity
• Prepare, review, and update authorization packages for IT Systems at various security levels
• Conduct regular system security audits, vulnerability assessments, and risk analysis
• Conduct periodic reviews of information systems to ensure compliance with the security authorization package
• Assist in implementation of the required government policy (i.e., JSIG, NISPOM, SP-800-171, SP-800-53, RMF) for site-hosted information systems and makes recommendations on process tailoring
• Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems
• Perform extensive assessments of systems and networks within the networking environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly
• Ensure all users have the requisite security clearances, authorizations, and need-to-know, and are indoctrinated prior to accessing the system
• Analyze and review system audit logs to detect and respond to security incidents and unauthorized activity
• Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media at various security levels
• Develop and maintain System Security Plans (SSP), Plans of Action & Milestones (POA&M), and other security documentation
• Manage and control changes to the system and assess the security impact of those changes
• Performs extensive analyses to validate established security requirements and to recommend additional security requirements and safeguards
• Periodically conduct reviews of each system's audits and monitors corrective actions until all actions are closed
• Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties
Qualifications
• 5+ years' relevant experience with demonstrated performance in roles such as System Administrator, Network Administrator, or ISSO is required
• A current Information Assurance Manager (IAM) Level I (CAP, Security+ CE) or comparable certification in accordance with DoD 8570.01-M is required
• Experience working on classified and special access programs is required
• Must be located within commuting distance of Beavercreek, OH to support in-person attendance needs
• Experience with DOD 8500.01, Risk Management Framework (RMF) requirements as well as experience in drafting, submitting, and maintaining RMF packages, Experience with Joint Special Access Program (SAP) Implementation Guide (JSIG) packages is required
• Experience in development and maintaining of RMF Documents including System Security Plans (SSP), System Security Checklists, Privacy Impact Assessments, and Authority to Operate (ATO) artifacts is required
• Experience with COMSEC equipment management and maintenance
• Experience with classified material destruction policies and procedures
• Experience in TPI based security and roles
• Understanding of SAP and SCI annual inspections and requirements
Education Requirements
• Bachelor's degree in computer, information systems management or related field from an accredited college or university or equivalent experience
• Experience may be considered in substitution for education
Desired Requirements
• Experience working on-site in a government client environment
Travel
• Routine travel is not expected for this role; however, there may be infrequent travel required for training or meetings
Clearance Requirements
• Must possess an active Top-Secret security clearance with SCI and SAR eligibility
• U.S. Citizenship is required for this position
#LI-HP1
group id: RTL041421
N
