OBXtek · 14 hours ago
Information Systems Security Engineer (ISSE) - GUAM
United States
Full-time
Remote
Mid Level
Maximize your interview chancesCyber SecurityInformation Technology
Insider Connection @OBXtek
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Perform vulnerability scans on all systems and network devices to ensure all Information Assurance Vulnerability Alerts and Bulletins (IAVA/B) and Computer Task Orders (CTOs), Task Orders (TASKORDS) and other security related tasking is applied as required by current Government directives.
Perform all account and data functions ensuring proper clearances for users; maintain information ownership responsibilities for each information system to include accountability, access approvals, and special handling requirements; maintain user agreements; SIPRNet network account information; and user validation forms.
Monitor and maintain user training certificates (Cyber Awareness and Cybersecurity Workforce training requirements).
Ensure physical space requirements for Restricted Access Areas (RAA), Controlled Access Areas (CAA), and Open Storage Secret spaces meet the mandated classification requirements.
Complete annual Physcial Security STIGs for all spaces with ONE-NET computers under JRM’s purview.
Develop and implement Configuration Management (CM) control policies and practices for authorizing the use of software and hardware. Monitor changes to system software, hardware, etc., to ensure security is not adversely impacted. Update appropriate documentation and upload into eMASS.
Oversee, monitor, coordinate, and conduct System Security evaluations, audits, and reviews; coordinate and direct Command Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) Programs.
Inspect and certify physical space requirements for Restricted Access Areas (RAA) and Controlled Access Areas (CAA) ensuring the mandated classification requirements are met. Provide protection requirements against intruders, vandals, accidents, and environmental dangers (i.e., fire, water, etc.). Develop and maintain Comman IT security policies; provide Public Key Infrastructure (PKI) and Common Access Card (CAC) support; monitor existing and new Department of Defense (DoD), Department of Navy (DON), Defense Information Systems Agency (DISA), and other agency IT and Security policies to stay current.
Provide Information Security (INFOSEC) training management; Physical Security support; Vulnerability Remediation Asset Manager (VRAM) management; Assured Compliance Assessment Solution scanning and support; Host Base Systems Security (HBSS) management and support; creation, modification, and maintenance of Assessment and Authorization packages via eMass.
Provide Security Compliance and Risk Mitigation Support to the Information Systems Security Manager (ISSM)/Information Systems Security Officer (ISSO). Conduct Risk Management Framework (RMF) steps 1-4 assessment and implementation based on the collection, analysis, and reporting of data in accordance with the appropriate security technology and Government policy methods.
Analyze assessments and implement an overall risk-based decision to effectively certify security controls and countermeasures, and the overall security posture of systems and programs, networks and infrastructures throughout IT engineering lifecycles.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Perform vulnerability scans on all systems and network devices to ensure all Information Assurance Vulnerability Alerts and Bulletins (IAVA/B) and Computer Task Orders (CTOs), Task Orders (TASKORDS) and other security related tasking is applied as required by current Government directives.
Perform all account and data functions ensuring proper clearances for users; maintain information ownership responsibilities for each information system to include accountability, access approvals, and special handling requirements; maintain user agreements; SIPRNet network account information; and user validation forms.
Monitor and maintain user training certificates (Cyber Awareness and Cybersecurity Workforce training requirements).
Ensure physical space requirements for Restricted Access Areas (RAA), Controlled Access Areas (CAA), and Open Storage Secret spaces meet the mandated classification requirements.
Complete annual Physical Security STIGs for all spaces with ONE-NET computers under JRM’s purview.
Develop and implement Configuration Management (CM) control policies and practices for authorizing the use of software and hardware. Monitor changes to system software, hardware, etc., to ensure security is not adversely impacted. Update appropriate documentation and upload into eMASS.
Oversee, monitor, coordinate, and conduct System Security evaluations, audits, and reviews; coordinate and direct Command Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) Programs.
Inspect and certify physical space requirements for Restricted Access Areas (RAA) and Controlled Access Areas (CAA) ensuring the mandated classification requirements are met. Provide protection requirements against intruders, vandals, accidents, and environmental dangers (i.e., fire, water, etc.). Develop and maintain Command IT security policies; provide Public Key Infrastructure (PKI) and Common Access Card (CAC) support; monitor existing and new Department of Defense (DoD), Department of Navy (DON), Defense Information Systems Agency (DISA), and other agency IT and Security policies to stay current.
Provide Information Security (INFOSEC) training management; Physical Security support; Vulnerability Remediation Asset Manager (VRAM) management; Assured Compliance Assessment Solution scanning and support; Host Base Systems Security (HBSS) management and support; creation, modification, and maintenance of Assessment and Authorization packages via eMass.
Provide Security Compliance and Risk Mitigation Support to the Information Systems Security Manager (ISSM)/Information Systems Security Officer (ISSO). Conduct Risk Management Framework (RMF) steps 1-4 assessment and implementation based on the collection, analysis, and reporting of data in accordance with the appropriate security technology and Government policy methods.
Analyze assessments and implement an overall risk-based decision to effectively certify security controls and countermeasures, and the overall security posture of systems and programs, networks and infrastructures throughout IT engineering lifecycles.
Minimum Baseline Certifications CompTIA Advanced Security Practitioner
Minimum Operating System Certification Microsoft OS or VMware
Top Secret
Benefits
Comprehensive medical, dental and vision plans
Flexible Spending Accounts
Matching 401K
Paid time off
Tuition reimbursement program
Company
OBXtek
OBXtek specializes in cybersecurity, enterprise service management, IT engineering, software, logistics and mobile app development services.
Founded in 2009
501-1,000 employees
H1B Sponsorship
OBXtek has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (2)
2021 (4)
2020 (10)
Funding
Current Stage
Late StageLeadership Team
Dale Spencer
President and Chief Executive Officer
Company data provided by crunchbase
