Information System Security Officer (ISSO)

Title:

Belong. Connect. Grow. with KBR!

KBRs National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security this position your work will have a profound impact on the countrys most critical role protecting our national security.

Why Join Us

• Innovative Projects: KBRs work is at the forefront of engineering logistics operations science program management mission IT and cybersecurity solutions.

• Collaborative Environment: Be part of a dynamic team that thrives on collaboration and innovation fostering a supportive and intellectually stimulating workplace.
• Impactful Work: Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense

Job Summary

The successful candidate will provide support to the Test Resource Management Centers (TRMC) All Domain Test Range (ADTR) and INDOPACOM Pacific-Rim Multi-Domain Training and Experimentation Capability Team Joint Mission Environment Test Capability (JMETC) Secret Network (JSN) Node JMETC Multiple Independent Levels of Security Network (JMN) Node Secret Defense Research and Engineering Network (SDREN) Defense Research and Engineering Network (DREN).

In this role you will be a critical part of our team responsible for evaluating customer requirements pertaining to complex technical challenges. The successful candidate will assist with providing solutions to complex problems in a manner which meets both functional and security requirements. You will be responsible for keeping the teams computing environment operational and in compliance with all TRMC directives and applicable RMF requirements. To do this you will frequently collaborate with other distributed team members to discuss current system status and plan desired future enhancements.

The ideal candidate will have a blended skill set with a strong background in both systems administration and cybersecurity. This individual will possess experience in Windows and Linux server management Active Directory Security Technical Implementation Guides (STIGs) and virtualization technologies. This role is critical in ensuring the integrity confidentiality and availability of our information systems within a Department of Defense (DoD) environment.

Key Responsibilities:

• Security Management:
  • Develop implement and maintain security policies procedures and standards to safeguard organizational information systems.
  • Conduct regular security assessments vulnerability scans and penetration testing to identify and mitigate potential threats.
  • Monitor security alerts and logs to respond to incidents in a timely manner ensuring compliance with DoD regulations.
  • Manage Privileged Access Management (PAM) solutions to ensure secure access control for sensitive systems and data.
  • Filter and generate reports from Security Information and Event Management (SIEM) tools to provide insights into security incidents and trends.
  • Respond to JFHQ-DODIN issued orders such as Cyber Task Orders (CTO).
  • Participate in DoD mandated Zero Trust efforts (initiatives planning testing and implementation).
• Risk Management Framework (RMF) Compliance
  • Apply RMF principles to assess and manage risk associated with information systems including categorization selection of security controls implementation assessment authorization and continuous monitoring.
  • Collaborate with stakeholders to ensure all systems are RMF-compliant and maintain relevant documentation.
• Training and Awareness
  • Develop and conduct security training programs for staff to enhance awareness of information security best practices and organizational policies.
  • Function as a security advisor to other departments providing guidance on secure system design and implementation.
• Documentation and Reporting
  • Maintain comprehensive documentation of security processes incidents and remediation efforts.
  • Prepare and present reports on security posture vulnerabilities and incident response efforts to senior management and other stakeholders.

• Additional Tools and Technologies
  • Experience with McAfee ePolicy Orchestrator (ePO) for centralized security management.
  • Familiarity with Assured Compliance Assessment Solution (ACAS) for vulnerability scanning and compliance monitoring.
  • Jira and Confluence
  • ServiceNow
  • Helpdesk and CCB solutions input monitoring status approval workflows

Work Environment:

• Location: Remote
• Travel Requirements: Minimal up to 20%
• Working Hours: Standard

Qualifications:

Required:

• Education: Bachelors degree in Computer Science Information Technology Cybersecurity or a related field
• Certifications: CISSP CISM CASP Security
• Security Clearance: Active TS/SCI
• Experience: Minimum 10 years of system administration or cybersecurity-related experience specifically within DoD environment.
• Technical Skills:
  • Proficient in Windows server and Linux server management including installation security policies configuration and troubleshooting.

Desired:

• Education: Masters degree in computer science Information Technology Cybersecurity or related field. Advanced degrees or certifications (CISSP CISM CASP Security)

• Virtual Desktop Infrastructure: Horizon UAG Provision and Maintain VM pools
• Client Support: Solid understanding and experience supporting zero/thin clients
• Risk Management System Support: Experience supporting systems within a DoD Risk Management Framework (RMF) accredited environment.
• SIEM Solutions: Splunk SolarWinds etc.
• Skills: Coordination Communication and Presentation skills
• Functionality: Layer 2/3 Networking experience
• Firewall experience
• DoD 8570 certifications: Security CISSP Computing Environment
• DoD Network experience: Experience working with DoD Wide Area Networks and familiarity with various network architectures and common protocols to include:
  • Experience working with Defense Research and Engineering Network (DREN)
  • Experience working with the Secret Defense Research and Engineering Network (SDREN)
  • EPO (Trelix) experience policy agent updates compliance dashboards ACAS experience scanning reporting compliance dashboards

Belong Connect and Grow at KBR

At KBR we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to and ongoing journey toward being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong Connect and Grow. We Deliver Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion disability sex sexual orientation gender identity or expression age national origin veteran status genetic information union status and/or beliefs or any other characteristic protected by federal state or local law.