Apply on Employer Site

ASRC Federal · 20 hours ago

Information System Security Officer (ISSO)

Dayton, OH, USA

Full-time

Onsite

Senior Level

5+ years exp

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. They are seeking an Information System Security Officer (ISSO) to maintain the operational security posture of systems and ensure compliance with security policies and procedures while providing expertise in Cybersecurity, Cloud, and Systems Engineering.

ConsultingGovernmentInformation TechnologyLogisticsProfessional ServicesSpace TravelStaffing Agency

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Maintain the operational security posture of systems

Monitor systems and environments for security compliance

Develop and update System Security Plans (SSPs)

Manage and control system changes and assess their security impact

Handle physical, personnel, and environmental security

Conduct incident response and security awareness training

Assist the ISSM and assume ISSM duties when necessary

Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM

Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package

Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard

Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS

Report all security-related incidents to the ISSM

Conduct periodic reviews of information systems to ensure compliance with the security authorization package

Serve as member of the CCB, if designated by the ISSM

Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change

Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization

Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly

Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and

Ensure audit records are collected, reviewed, and documented (to include any anomalies)

Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval

Qualification

CybersecurityCloud ComputingSystems EngineeringIAM Level 2 CertificationActive DirectorySplunkSTIG/SCAPACAS AutomationIncident ResponseSecurity Awareness TrainingSystem Security PlansSecurity Compliance

Required

Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics

Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard

5+ years related experience in SCI/SAP environments

Bachelor's degree in computer science, Engineering, Finance, Business, or related field

5-8 years demonstrated performance in related technology

Top Secret w/ SCI eligibility