Information System Security Officer (Isso)

Responsibilities for this Position

Information System Security Officer (ISSO)

US-CT-Groton

Job ID: 2023-9431

Type: Full-Time

of Openings:

2

Category: Security and Transportation

EB Groton Shipyard

Overview

The Cyber Security Representative will serve in the role of Information System Security Officer (ISSO) and have responsibility for supporting the implementation, assessment, and monitoring of security requirements across multiple Electric Boat (EB) Information Systems (IS) supporting the U.S. Navy.

The Cyber Security Representative must possess sufficient understanding, knowledge, and experience to ensure EB ISs are operated and maintained in compliance with all policies and procedures required by the National Industrial Security Program Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) Assessment and Authorization Process Manual (DAAPM), Risk Management Framework (RMF) process, and National Institute of Standards and Technology [NIST] Special Publications [SP] 800-53 (NIST SP 800-53).

This position requires a balance of technical knowledge and experience, with strong documentation and reporting skills. Responsibilities include:

• Developing and maintaining security plan documents (hardware and software baselines, diagrams, user lists)

• Reviewing, processing, and tracking configuration management requests and risk assessments

• Processing user agreement forms; ensuring users complete necessary training and meet requirements for access

• Developing and maintaining system specific policies and procedures

• Working with system/network administrators to verify Operating System (OS) and network device configurations, and ensure compliance with other technical requirements and configurations

• Monitoring and analyzing user and system activity

• Monitoring compliance with vulnerability management requirements

• Supporting incident response activities

• Working closely with the Information System Security Manager (ISSM), as well as other system stakeholders

• Providing guidance and support on security requirements and implementation

• Supporting internal and external inspections and assessments

• Supporting system assessment, authorization, and continuous monitoring efforts

Responsibilities

• Strong interpersonal, communication, organizational, and time management skills

• Ability to work independently, and as part of a team

• Strong documentation development and management skills

Qualifications

Requirements:

• U.S. Citizenship

• Ability to obtain and maintain a DoD SECRET clearance

• Bachelors Degree in Cyber Security, Information Technology (IT), or Equivalent OR a minimum of 4 years of experience in a Cyber Security, ISSM, ISSO, IT, System/Network Engineer/Architect/Administrator, or equivalent RMF role

• Technical understanding of Windows and/or Linux OSs

Preferred Qualifications:

• Working knowledge of the NISPOM, DAAPM, RMF process and NIST SP 800-53 Controls

• Experience with Enterprise Mission Assurance Support Service (eMASS)

• Experience monitoring and analyzing user and system activity

• Experience with monitoring security relevant applications (e.g. audit collection, vulnerability management, Security Information Event Monitoring (SIEM))

• Two or more years of experience as an ISSM, ISSO, System/Network Engineer/Architect/Administrator, or in an Equivalent RMF role

• Cyber Security related certifications (e.g. Security+, Network+, CISSP)