Job SummaryWe have an exciting opportunity for an Information Systems Security Officer (ISSO) to join our Security Classification team. This position is located in Acton, MA.
With limited direction, this position exercises considerable latitude in monitoring, evaluating and administering system compliance with information technology (IT) security requirements to ensure company, regulatory and customer requirements are met.
DUTIES AND RESPONSIBILITIES:- Assists leadership in interpreting regulations as they apply to information systems, platforms, and IT operating processes, practices and procedures.
- Develops or modifies the classified computing environment to comply with information security plans and requirements.
- Assists in development of System Security Plans, instructions, guidance, and standard operating procedures.
- Performs system and platform audits; analyzes results and provides reports to management.
- Provides architectural analysis of cybersecurity features and relates existing systems to future needs and cybersecurity trends.
- Identifies risks and recommends/implements improvements; ensures corrective measures are taken when incidents or vulnerabilities are discovered.
- Maintains knowledge of applicable policies, regulations, and compliance documents related to classified computing assets and environments.
- Represents the organization as a senior cybersecurity contact with internal and external representatives.
- Integrates security requirements (e.g. DISA STIGs) into new architectures or adapts them to existing solutions.
- Maintains the strict confidentiality of sensitive information.
- May serve as technical lead during incident response situations.
Additionally, will serve as the Assistant Facility Security Officer (AFSO):- Prior AFSO experience preferred, but not required as training will be provided by the FSO
- Provides limited support to the Facility Security Officer (FSO) in administering security programs in accordance with company and government requirements
- Assists in handling and safeguarding classified materials, ensuring all procedures comply with applicable regulations.
- Helps implement and maintain security plans, visitor control procedures, and access control systems.
- Maintains accurate access and alarm records, and assists with audits or inspections as required.
- Ensures compliance with 32 CFR Part 117 (NISPOM Rule) and other relevant security regulations.
- Performs other duties as assigned.
- Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
- Expected to work in a safe manner in accordance with established operating procedures and practices.
Job Qualifications- Typically requires a bachelors degree in a related discipline and six or more years of progressive professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education.
- Must possess and maintain an active DoD Secret security clearance.
- Must maintain DoD 8570 IAM Level I (e.g. Security +) professional certification as required by customers or contractual obligations.
- Experience with IC DoD policy such as Risk Management Framework and Joint SAP Implementation Guide.
- Operational experience with installing, troubleshooting, and auditing Windows desktop & server operating systems.
- Experience with DISA STIGs, SCAP tool, ACAS.
- Experience installing and troubleshooting common x86-based computer hardware.
- Must demonstrate a general understanding of information assurance principles, theories, concepts and techniques.
- Must have experience organizing, planning, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
- Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
- Must be customer focused and possess:
- the ability to identify issues, analyze data and develop solutions to a variety of problems;
- good analytical, verbal and written communication skills to accurately document, report, and present findings;
- excellent interpersonal skills enabling an effective interface with other professionals; and
- solid computer skills.
- Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
