Information Systems Security Officer

Company Overview:

Satcom Direct (SD) provides global connectivity solutions for business and general aviation, military, government, and land mobile services. Since 1997, SD has worked to solve the unsolvable and advance the technology of connectivity through our industry-leading hardware and flight operations software. Our company culture is based on innovation and creativity which allows our team members to thrive in a dynamic atmosphere. We are looking for people who are passionate about customer satisfaction and who excel in a constantly changing environment.

Satcom Direct offers a highly competitive benefits package. Our global headquarters offers an on-site gym staffed with personal trainers, a café, food trucks, social hour, and more. With an open vacation policy, employees have the flexibility to take time when they need it. SD is centrally located on the beautiful Space Coast in Viera, FL, which is one of the Top 50 Master-Planned Communities in the United States.

JOB SUMMARY:

This Position may be involved in research and development efforts for 20-30% of their time annually. The Information Systems Security Officer leads the execution of company and network compliance for SD's Military/Government group. The ISSO is responsible is responsible for providing security planning, risk assessment and analysis, risk management tasks and activities to ensure Satcom Direct Government (SDG) information system(s) meets information security assurance requirements. To ensure SDG reaches its compliance goals for SDG's CMMC, NIST, and IA-Pre compliance the ISSO will be responsible for integrating people, processes, and technologies associated with SDG's information systems, applications, and data.

This role is responsible for ensuring compliance with current and future contractual and regulatory security requirements along with supporting client engagements related to the security of SDG products and services. This role operates and works closely with Information Security, Information Technology, and both SD and SDG business units to align organization security policies and standards to strategic goals and reduce risks to an acceptable level that fosters technology transformation and innovation.

ESSENTIAL DUTIES/RESPONSIBILITIES:

Security Governance/Risk

• Assist with security management of the information system(s).

• Evaluate technology solutions to ensure they meet security requirements.

• Support configuration management (CM) for information system security software, hardware, and firmware.

• Assess and manage the security impact of changes.

• Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, C&A Packages, etc.

• Provide support to maintain the appropriate operational IA posture for a system, program, or enclave.

• Develop and update the system security plan and other IA documentation.

• Works with various business units to identify, define, and confirm the key risks to the organization's information assets, internally and externally.

• Researches and formulates information security policies, plans, and procedures for SDG.

• Understands key business processes, systems, applications, and the latest knowledge in information security techniques across multiple platforms and environments.

• Works with all employees to ensure that all policies and procedures are effectively implemented and with management to ensure these are communicated.

Compliance and Audits

• Perform vulnerability and risk assessment analysis to support certification and accreditation (C&A).

• Develop and maintain documentation for C&A.

• Responsible for implementing, supporting, and maintaining the company security posture, and will ensure that SDG's programs and policies comply with local governmental and industry regulatory standards to include, but not limited to, DFARS, CMMC, NIST 800-171, IA-Pre, etc.

• Draft, modify and implement documentation relating to ensuring compliance, such as System Security Plans (SSPs), and Risk Assessment Reports.

• Coordinates the review and measurement of relevant security system logs and messages to identify and report on possible violations of security policy or standards.

• Develops security awareness procedures and training and ensures communication to management regarding compliance.

• Assess the business's future ventures and contracts to identify possible compliance risks.

Security Operations

• Develops a management control program that proactively identifies threats to the organization, conducts periodic risk assessment and information security reviews, and formulates the management response to audit and/or regulatory information security findings.

• Evaluating the efficiency of controls, ensuring continuous improvement.

• Coordinates, documents, and reports on internal investigations of possible security violations

• Assist in budget development, personnel recruitment, retention, development, and training.

Security Architecture

• Participates with IT teams to design, implement, test, and operate critical network and security related systems furthering global defense in depth strategies.

• Assists in defining government security requirements in the procurement/retirement and/or development/deployment of hardware, software, and application systems. Analyzes, selects, recommends, and coordinates installation of information security technology with all relevant stakeholders.

• Develops and implements tests of computer systems to monitor effectiveness of security through penetration and vulnerability assessments.

• Coordinates with internal and external technology business units to align strategies across the enterprise and

• portfolios.

GENERAL QUALIFICATIONS, AND EXPERIENCE:

An equivalent combination of education or experience may be considered.

• Bachelor's or Master's degree in Information Systems, Information Security or equivalent.

• A minimum of eight (5) years' experience in IT / Information Security is required.

• A minimum of three (3) years' experience as an ISSE or ISSO for a multinational organization

• Advanced knowledge and experience in security frameworks/standards including (NIST 800-53, 800-171, ISO 27001/2, CMMC, NIST RMF, etc.).

• Must have working knowledge of and understanding of key security concepts such as access management, vulnerability, and patch management, SIEM, network threats and encryption.

• Program Management experience is desired.

• Desired knowledge or experience in satellite communications, aviation software/connectivity

EDUCATION, KNOWLEDGE AND SKILLS:

To be successful in this global role, the candidate must have a strong understanding of cybersecurity (be considered very technical), have thorough understanding of security technologies and security best practices, be able to directly manage a global cybersecurity crisis, have extensive experience in a large distributed global enterprise, have strong people skills and be able to effectively communicate with stakeholders at all levels in the organization.

PHYSICAL DEMANDS:

While performing general office duties for this position, the employee is regularly required to sit, stand and/or walk around (including the use of stairs). Other demands include the ability to openly communicate with others by talking, listening and reading, able to lift light objects (<25lbs), and use standard office equipment such as computer, printer, phone and cell phone. In addition, there is an occasional need to bend, twist or stoop in order to open/close cabinets, reach for files or other standard office type objects.

WORK ENVIRONMENT:

The office environment is generally quiet and, in a temperature, controlled setting with random adjustments in noise or temperature due to others talking or laughing loudly, unscheduled maintenance repairs to the building or its interior offices or unpredictable situations due to weather or other acts beyond company control. An employee must be willing to work their regularly assigned work schedule for their particular duties and/or job responsibilities and in times of need, be able to work an extended schedule depending on company/department needs, project requirements or customer demands. Some overnight travel is required to facilitate work objectives. While at client site locations, if applicable, employee will be required to adhere to the proper safety precautions established by the client while in proximity to their work area, flight-line or maintenance repair center; work may require some physical effort in the handling of light materials, boxes or equipment. The temperature at client locations can vary from controlled to variations off hot/cold when working, standing or walking in or near the flight-line or maintenance repair center.

If you are interested in applying for employment and need special assistance or an accommodation to apply for a posted position, contact our Human Resources department at (321) 777-3000

Satcom Direct is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status, and will not be discriminated against on the basis of disability.