ClearanceJobs
Information Systems Security Officer
ClearanceJobs, Grand Forks, North Dakota, United States, 58203
Information Systems Security Officer (ISSO)
Location:
Grand Forks, ND (Onsite)
Employment type:
Full-time, Permanent
Base pay range:
$115,000 - $120,000 per year
Relocation assistance:
Available for non-local candidates
Security clearance:
Active Top Secret (TS) required
Job Overview
The company is seeking an Information Systems Security Officer (ISSO) to facilitate Authorization & Assessment (A&A) efforts throughout mission systems’ Risk Management Framework (RMF) lifecycle.
Key Responsibilities
Lead multiple RMF accreditation efforts: determine DoD requirements, conduct risk and vulnerability assessments, document security controls, and ensure compliance with DoD Cybersecurity policies.
Oversee day‑to‑day RMF operations, manage tasks, and create deadlines to meet security requirements.
Serve as the primary customer-facing security representative, translating system requirements into security controls.
Spearhead RMF package creation in eMASS and perform continuous monitoring throughout the information system lifecycle.
Implement the RMF process across the A&A lifecycle for multiple ATOs and support pre‑ and post‑Authority to Operate (ATO) activities.
Assist the ISSM in A&A activities and coordinate with the Security Controls Assessor (SCA) and Authorizing Official (AO).
Perform technical security assessments, identify vulnerabilities and non‑compliance, and recommend mitigation strategies.
Conduct risk analyses from vulnerability scans, penetration tests, and other audit activities.
Create & maintain Plan of Action & Milestones (POA&Ms), System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), SOPs, Configuration Management Plans, Contingency Plans, and Test Result/Security Impact Analyses.
Ensure procedures for clearing, sanitizing, and destroying hardware & media are in place.
Conduct continuous monitoring (ConMon) for applicable authorization boundaries.
Apply and maintain up‑to‑date Security Technical Implementation Guides (STIGs) on required components.
Maintain inventory & asset configuration, manage change documentation, and lead system‑level change requests through Configuration Control Boards (CCBs).
Collaborate with system owners and ISSM to uphold appropriate operational security posture.
Notify ISSM of changes that could affect authorization determinations.
Advise System & Network Administrators on remediation of system deficiencies.
Report all security‑related incidents to the ISSM, handling concerns in lieu of ISSM when necessary.
Required Qualifications
Experience developing and documenting DoD Assessment and Authorization (A&A) documentation.
Knowledge of CNSSI 1253, NIST 800 series (primarily 800‑53, 800‑53A, 800‑171), and RMF.
2–5+ years of IA/Cyber Security experience.
Bachelor’s degree or higher in Computer Science or Security.
Security+/CISM certification or equivalent.
Experience with DCSA tools such as eMASS, STIGs, and SCAP.
Preferred Qualifications
Well versed in RMF package creation and maintenance artifacts for A&A decisions.
Experience with DISA STIGs, Security Requirements Guides (SRGs), and SCAP for audit and secure configuration of network‑enabled devices.
Fundamental knowledge of DISA eMASS.
Proficiency with vulnerability tools and audit review tools (e.g., Nessus, Splunk).
Experience conducting risk analysis on products and system components via CVE/CWE reviews.
Experience with software due diligence for COTS and GOTS solutions.
Strong communication and documentation skills.
Flexible and adaptable in a rapidly changing environment.
Self‑motivated, able to complete tasks independently.
Working knowledge of system functions, security policies, technical safeguards, and operational security measures.
Benefits
In addition to competitive compensation, a comprehensive benefits package is offered, including medical, dental, vision insurance, PTO, and a 401(k) plan.
Seniority Level: Entry level
Employment Type: Full‑time
Job Function: Information Technology
Industries: Defense and Space Manufacturing