Information Systems Security Officer- Journeyman jobs in United States
cer-icon
Apply on Employer Site
company-logo

Command Cyber Solutions, LLC ยท 22 hours ago

Information Systems Security Officer- Journeyman

positionUtah, United States
timeFull-time
remoteOnsite
seniorityMid Level
date3+ years exp

Command Cyber Solutions, LLC is seeking an Information Systems Security Officer at the Journeyman level. The role involves developing and maintaining security plans, monitoring systems for security incidents, ensuring compliance with DoD policies, and managing the authorization process for information systems.

Cyber SecurityInformation TechnologySoftware Engineering
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assist in developing, implementing, and maintaining security plans, policies, and procedures for assigned information systems in accordance with DoD Instruction 8510.01 (Risk Management Framework for DoD Information Technology) and other applicable guidance
Assist in the selection and implementation of security controls to protect information systems from unauthorized access, use, disclosure, disruption, modification, or destruction
Assist risk assessments and vulnerability assessments to identify security weaknesses and recommend mitigation strategies
Work with system administrators and other IT personnel to ensure security controls are properly implemented and maintained
Monitor information systems for security incidents and anomalies, and investigate and respond to security incidents in accordance with established procedures
Analyze security logs and other data sources to identify potential security threats and vulnerabilities
Report security incidents to the appropriate authorities, including the [Insert Organization's Incident Response Team]
Participate in incident response exercises and drills
Ensure that assigned information systems comply with all applicable DoD security policies, regulations, and standards, including but not limited to: DoD Instruction 8510.01 (Risk Management Framework for DoD Information Technology), NIST Special Publications (e.g., SP 800-53, SP 800-37), Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs)
Conduct regular security reviews and audits to verify compliance with security requirements
Prepare and maintain documentation to support security audits and assessments
Assist with the development and implementation of corrective action plans to address security deficiencies
Manage the A&A/A&A process for assigned information systems, including the preparation of security documentation (e.g., System Security Plan, Security Assessment Report, Plan of Action and Milestones (POA&M))
Coordinate with authorizing officials and other stakeholders to obtain and maintain system authorizations
Ensure that systems are operated in accordance with their authorization

Qualification

Security+ CE CertificationRisk Management Framework (RMF)Vulnerability ManagementNIST SP 800-53EMASSData Center SecurityCompliance AuditingCybersecurity TrainingOrganizational skillsCommunication skills

Required

Active Secret Clearance
Security+ CE Certification
Bachelor's Degree in Business or IT related field with three (3) or more years of experience in Information Security, Vulnerability Management or related field
Must have relevant Air Force Risk Management Framework (RMF) experience
Must have experience with one or more of the following: Experience successfully getting systems through the complete ATO process, Vulnerability management, including running scans as well as evaluating and prioritizing the outputs, Experience evaluating STIGs and completing STIG checklists, Patching, Experience using eMASS or other related tools
Thorough Knowledge of security control selection and tailoring
Basic knowledge of common security controls and their purpose (e.g., access control, audit and accountability, identification and authentication)
Familiarity with NIST SP 800-53 security controls and the various security documents that make up an ATO package (e.g., System Security Plan (SSP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M))
Understanding of how security controls are implemented and assessed
Understanding of Cloud Migration strategies and security requirements
Strong organizational and problem-solving skills
Excellent communication and interpersonal skills
Data Center Security
Basic Risk Management
Compliance Auditing
Cybersecurity Training and Awareness
Ability to clearly and concisely document system security information

Company

Command Cyber Solutions, LLC

twittertwitter
company-logo
Command Cyber Solutions (CCS) is an IT consulting company specializing in Cybersecurity Services and IT Support.
dateFounded in 2016
location
Oklahoma City, Oklahoma, USA
people-size51-200 employees
web-link
https://www.command-cs.com

Funding

Current Stage
Growth Stage
Company data provided by crunchbase