Information Systems Security Officer

Overview

Employment in this role is conditional upon successful execution of the contract by the client.

The Work

The Information Systems Security Officer (ISSO) is responsible for ensuring the security posture of information systems is maintained in accordance with regulations, agency policies, and industry best practices.

This position aligns with Cayuse's core values of Innovation, Excellence, Collaboration, Adaptability, and Integrity by fostering technical solutions that meet customer needs, promoting teamwork, and prioritizing quality in deliverables.

Responsibilities

Key Responsibilities

• Perform Information Systems Security Officer duties consistent with the labor category and required RMF experience.
• Support Risk Management Framework (RMF) activities consistent with the required experience timeframe.
• Manage and perform records management for all Account Forms including but not limited to: Cybersecurity Awareness training for all students, Authorized User Agreements and associated user forms for all networks required for duty at the 39 IOS, System Authorization Access Requests, Privileged User Agreements, 8570/8140 validation, Operating System Certification validation, and associated user forms.
• Maintain appointment letters for work roles including, but not limited to: Program Managers, ISSO, Information Systems Security Manager (ISSM), Information Systems Security Engineer (ISSE), Systems Administrators, Client Systems Technicians, and Cybersecurity Liaisons.
• Perform wireless scanning throughout the facility to ensure no rogue activity to include but not limited to: review vulnerability scans on all networks and respond to any vulnerabilities appropriately while conducting network audits on all networks.
• Manage and update Management Internal Control Toolkit (MICT) checklists for assigned programs including, but not limited to: Privileged User, 17-1301 Computer Security (COMPUSEC), and 17-101 Risk Management Framework (RMF).
• Inspect equipment prior to the entry and exit of the facilities and ensure entry and exit logs are accomplished along with reviewing, updating, and enforcing Media Control policy including, but not limited to: Issuing and tracking removable media and ensuring media sanitization.
• Validate administrator accounts on all networks and respond to any discrepancies appropriately.
• Review equipment purchases requests to ensure items are on approved products listings and meet requirements to enter the facilities.
• Ensure cybersecurity marking and standards enforcement including but not limited to: Classification stickers and markings on all systems, Bomb threat aids posted by all phones, and Combined Security Cards are posted by all workstations.
• Perform random bag and walkthrough inspections with the Security team along with responding to incidents and assisting with response and reporting.
• Answer all TASKORDS/ taskers by MAJCOM for action on our own networks including but not limited to: vulnerability remediation and data calls.
• Review, update, and enforce the Security Concept of Operations (SECONOPS) along with the contingency plan policy.
• Maintain Risk Management Framework (RMF) packages for all networks owned/operated by the 39 IOS including, but not limited to: answer data calls, prepare system package, Categorize system by guiding documents, Select security controls for risk mitigation, Implement security controls, Assess security control effectiveness, Monitor system and update accreditation package, Security Impact Analysis (SIA) submissions for tenants requesting changes and install of new software, and Respond to and coordinate requirements for accreditation package not owned by the squadron.
• Order, issue, manage, and account for all tokens granting access to network as well as auditing and inventorying issuance of student user tokens.
• Perform COMPUSEC and Information Security (INFOSEC) duties and manage the Cybersecurity Liaison program for the squadron under the direction of the Wing Cybersecurity Office.
• Support functions aligned to DCWF work roles (Information Systems Security Manager; Security Control Assessor; Cyber Defense Incident Responder) as applicable.
• Maintain and apply required IAT/M Level II certification within the scope of assigned duties.
• Other duties as assigned.

Qualifications

Qualifications - Here's What You Need

The qualifications and skills listed below are intended to provide a general overview of the requirements for this position. However, due to the anticipated nature of the contract and the absence of a finalized task order from the client, this list should not be considered all-encompassing. Additional qualifications, certifications, skills, or experience specific to the client's requirements may be identified and requested upon award of the task order. Candidates should demonstrate flexibility and a willingness to adapt to evolving responsibilities as outlined by the client.

• Information Systems, Security Officer (ISSO) Journeyman:
  • Bachelor's degree (STEM, field) or Associates with approved equivalent experience.
  • IAT/M Level III.
  • 2 years' risk management framework experience within the last 5 years.
  • Active Top Secret Security Clearance is required.

Minimum Skills:

• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills.
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Ability to analyze systems and procedures.
• Strong multitasking skills with the ability to manage multiple design streams across concurrent work effort.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately.

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program.
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter).
• Short-Term and Long-Term Disability options.
• Basic Life and AD&D Insurance (Company Provided).
• Voluntary Life and AD&D options.
• 401(k) Retirement Savings Plan with matching after one year.
• Paid Time Off.

Reports to: Managing Director

Working Conditions

• Professional office environment, with the ability to work onsite in the main office.
• Work may require periods of sitting, standing, walking, lifting, and carrying equipment weighing up to 40 pounds. Manual dexterity is required for handling small components.
• Must be physically and mentally able to perform duties extended periods of time.
• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
• Must be able to establish a productive and professional workspace.
• Must be able to sit for long periods of time looking at computer screen.
• May be asked to work a flexible schedule which may include holidays.
• May be asked to travel for business or professional development purposes.
• May be asked to work hours outside of normal business hours.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer. All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $0.00 - USD $0.00 /Yr.