Apply on Employer Site

Kratos Defense and Security Solutions · 10 hours ago

Information System Security Officer

Colorado Springs, CO

Full-time

Onsite

Entry, Mid Level

$89K/yr - $125K/yr

2+ years exp

Kratos Defense and Security Solutions is a recognized leader in innovative solutions for national and global customers. They are seeking an Information System Security Officer to support the Information Assurance development and maintain security compliance for systems, ensuring adherence to established policies and procedures.

ConsultingCyber SecurityGovernmentInformation TechnologyNational SecurityPublic SafetySatellite CommunicationSecurity

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities

Participate in regular security self-inspections and audits

Assist with the selection and implementation of security controls and features for systems and applications

Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle

Perform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline

Provide product security engineering support and recommendations used to resolve integration and testing issues

Maintain a standardized set of security product requirements and produce metrics to report performance against those requirements

Review and define security diagnostics and tools to facilitate the analysis and reporting of security events

Assist other teams with mitigating security risks, responding to product security incidents, and product security related issues

Participate in security architecture and design review meetings

Manage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance

Qualification

Risk Management FrameworkCompTIA Security+ CESecurity controlsDISA STIGsZero Trust ArchitectureAWSWindows environmentsRHEL environmentsCommunication skillsOrganizational skillsTeam collaborationSelf-motivated

Required

A solid knowledge of the DISA/DoD Risk Management Framework

CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification

Experience with security controls, RMF, and STIGs

Familiarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization

Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment

Able to clearly communicate technical concepts orally and in written forms to internal and external audiences with technical and non-technical backgrounds

Capable of working in a fast-paced team environment

Excellent organizational and communication skills and able to effectively interact with managers and technical staff

Top Secret clearance with SCI eligibility required. Candidates with Special Access Program (SAP) experience are highly valued

Preferred

2 years as an ISSO or equivalent duties

Familiarity with eMASS, XACTA, or similar government systems of record

Familiarity with Zero Trust Architecture (ZTA) requirements

Experience with Windows and RHEL environments

Experience with AWS

Experience with security tools such in the following areas: Malicious code prevention and analysis (i.e., Trellix), Audit log analysis (Splunk, Greylog, etc.), Patch Management and Vulnerability Analysis (Tenable Security Suite & ACAS), and security tools which support the implementation of DISA STIGs (SCC, Evaluate STIG, STIG Viewer, etc.)