Information Systems Security Officer

Position Summary:

The Information Systems Security Officer (ISSO) performs local facility IT functions on information systems within classified environments or enclaves and identifies where those systems and networks deviate from acceptable configurations enclave policy or local policy. The ISSO establishes strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of classified systems. Includes support of process analysis coordination security certification test security documentation investigations software research hardware introduction/release emerging technology research inspections and periodic system audits.

The ISSO assists in the implementation of the required government policy (i.e. NISPOM DCID 6-3) makes recommendations on process tailoring participates in and documents process activities. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations participation in the tests analysis of the results and preparation of required reports. And the ISSO documents the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.

Primary Duties & Responsibilities:

• Ensure local facility systems are operated maintained and disposed of in accordance with security policies and procedures outlined in security authorization packages.
• Verify implementation of delegated aspects of IS security program.
• Attend technical security training (e.g. operating system/networking/security management) relative to assigned duties.
• Ensure all local IS users have requisite security clearances authorization need-to-know and aware of their security responsibilities before granting access to the IS.
• Report all security-related incidents to the local facility ISSM.
• Conduct periodic reviews of IS to ensure compliance with the security authorization package.
• Serve as member of the Configuration Control Board (CCB).
• Coordinate changes or modifications to hardware software or firmware of a system with the ISSM prior to the change.
• Formally notify the facility ISSM when changes occur that might affect system authorization.
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
• Ensure audit records are protected collected and reviewed.
• Assist with local facility unclassified IT systems as needed.
• Other duties as assigned.

Key Requirements:

• Active U.S. Citizenship.
• Active USGSC Interim/Secret () security clearance.
• Able to maintain required USGSC level security clearance.
• Must be able to satisfy federal government requirements for access to government information. (Having dual citizenship may preclude you from being able to meet this requirement.)
• Bachelors degree with (2) years of experience in system administration/desktop support or (6) years of related industrial/cybersecurity administration experience.
• Candidates will not be excluded from consideration with equivalent education and/or experience.

Additional Requirements:

• Current DoD 8570 Baseline Certification (Security CE CAP GSLC CASP CE CISA CISM or CISSP).
• Familiarity with DISA Security Technical Implementation Guides (STIGs) and security tools such as Splunk Symantec MS Office VMWare etc.
• Working knowledge of National and International security frameworks.
• Experience working with the Defense Counterintelligence & Security Agency (DCSA) Authorization and Assessment Process Manual (DAAPM).
• Experience in secure environments that are compliant with the NISPOM with special emphasis on information assurance as well as Risk Management Framework (RMF) requirements.
• Familiarity with configuration control and change management (PDQ Deploy/Inventory).
• Familiarity with networking concepts (switches/network security).
• Experience with security concepts (Data Loss Prevention Active Directory and Security Log Analysis).
• Experience with Microsoft Windows administration in physical/virtual environments
• Strong written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate analyze and document system issues and resolutions.
• Ability to produce quality deliverables and to complete assigned projects on time; provides consistent status updates ensuring IT projects stay focused; reports discovered anomalies/inconsistencies.
• Consistent attention to detail - completes tasks per standard operating procedures; reports discovered anomalies and inconsistencies.
• Persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management.
• Strong work ethic and a proven professional - respectful dependable take initiative and follows through.
• Highly motivated and works well in a fast-paced team-oriented environment; continuously develops new competencies to accommodate evolving expectations.

Location Profile:

Located in Port Saint Lucie Florida Atlantic Precision Inc (API) is a premier Aerospace Machining & Build facility with a talented work force using the latest 3D printing metal and additive manufacturing technologies in its 50000 square-foot facility. With decades of experience API is trusted by OEMs in commercial aviation military aviation power generation and the marine industry to produce quality parts for both prototypes and production requirements.