Kratos Defense and Security Solutions

Information System Security Officer

Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in information assurance or related roles
  • Strong understanding of CMMC and RMF policies
  • Top Secret clearance with SCI eligibility is required
  • Proficiency in vulnerability scanning tools like Tenable/Nessus
  • Experience with SIEM technologies such as Splunk or Graylog
  • CompTIA Security+ CE, CASP+, or equivalent certification
  • Familiarity with cloud technologies and compliance requirements

Responsibilities

  • Conduct security assessments including vulnerability and risk analyses
  • Participate in security audits and self-inspections
  • Select and implement security controls for systems
  • Identify and recommend security feature enhancements
  • Perform assessments for new products to ensure secure integration
  • Provide engineering support for product security issues
  • Manage system access requests and track DoD certification compliance
  • Travel to customer sites for operational security issues

Benefits

  • Health, dental, and vision insurance
  • 401(k) plan with company matching
  • Paid time off and holidays
  • Professional development opportunities
  • Flexible working environment
Full Job Description
Kratos has an exciting opportunity in Colorado Springs, CO for an ISSO to support the Information Assurance (IA) development and sustainment of assigned systems and to serve as a security support element for technical teams. This is accomplished in compliance with CMMC and Risk Management Framework (RMF) policies and procedures, including the development of System Security Plans (SSP), Risk Assessment Reports (RAR), Plans of Action and Milestones (POA&M), and Security Control Traceability Matrices (SCTM). The ISSO maintains the operational security posture to ensure that security policies, standards, and procedures are followed throughout the system lifecycle. Additionally, the ISSO supports vulnerability and risk assessment analysis to achieve and sustain Authorization to Operate (ATO) and ensures information system security requirements are integrated into configuration management for software, hardware, and firmware.

This position is based on multiple DoD Directives; including DoD 5205.07 volumes 1-4; DoDD 5205.02E; DoDI 5025.01, 5205.11, 5200.39, 5220.22, DoDM 3305.13; DoD 8140 series; Intelligence Community Directive Series 500/600/700; NIST 800 series special publications; Executive Orders 13556 and 13636, the Joint Special Access Program Implementation Guide Rev 4, and DISA Security Technical Implementation Guides.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. U.S. citizenship is required. Travel to customer sites and other program locations may be required.

Primary Responsibilities:
  • Perform security assessments such as vulnerability and compliance assessments, threat analysis, security code reviews, and risk assessments to identify potential design and implementation vulnerabilities.
  • Participate in regular security self-inspections and audits.
  • Assist with the selection and implementation of security controls and features for systems and applications.
  • Identify new security features and recommend updates to existing products to ensure security is maintained throughout the product lifecycle.
  • Perform security assessments on new and proposed products and technologies to ensure secure integration into the approved baseline.
  • Provide product security engineering support and recommendations used to resolve integration and testing issues.
  • Maintain a standardized set of security product requirements and produce metrics to report performance against those requirements.
  • Review and define security diagnostics and tools to facilitate the analysis and reporting of security events.
  • Assist other teams with mitigating security risks, responding to product security incidents, and product security related issues.
  • Participate in security architecture and design review meetings.
  • Manage system access and revocation requests. Track and verify DoD certification requirements in accordance with DoD 8140 guidance.
  • Travel to the customer's sites to address operational issues that arise around CCS-C security tooling/infrastructure.


  • A solid knowledge of the DISA/DoD Risk Management Framework.
  • Experience with Tenable/Nessus Vulnerability scanner or equivalent
  • Experience with Trellix ENS/HX or equivalent
  • Experience with Graylog, Splunk, or equivalent SIEM technology
  • CompTIA Security+ CE, CASP+, or equivalent cybersecurity certification.
  • Experience with security controls, RMF, and STIGs.
  • Familiarity with modern IT infrastructure capabilities to include virtualization, cloud deployment, and containerization.
  • Self-motivated and comfortable with supporting multiple groups of developers, engineers, test, and deployment.
  • Able to clearly communicate technical concepts orally and in written forms to internal and external audiences with technical and non-technical backgrounds.
  • Capable of working in a fast-paced team environment.
  • Excellent organizational and communication skills and able to effectively interact with managers and technical staff.
  • A strong familiarity with cloud technologies and compliance requirements for cloud
  • Top Secret clearance with SCI eligibility required. Candidates with Special Access Program (SAP) experience are highly valued.

Preferred Skills and Experience
  • 2 years as an ISSO or equivalent duties.
  • Familiarity with eMASS, XACTA, or similar government systems of record.
  • Familiarity with Zero Trust Architecture (ZTA) requirements.
  • Experience with Windows and RHEL environments.
  • Experience with AWS or related Cloud Service Providers

#LI-Onsite

The grade-based pay range for this job is listed below. Individual salaries within that range are determined through a wide variety of factors including but not limited to education, experience, knowledge, and skills.

Competitive salary based on experience and education
Salary Range: $89,000-$125,000

About Kratos Defense and Security Solutions

Kratos Defense & Security Solutions, Inc. provides mission critical products, solutions, and services in the United States. The company operates through three segments: Kratos Government Solutions, Unmanned Systems, and Public Safety & Security. The Kratos Government Solutions segment offers microwave electronic products, satellite communications, training systems, modular systems, and defense and rocket support services. The Unmanned Systems segment provides unmanned aerial, ground, and seaborne, as well as command, control, and communications systems. The Public Safety & Security segment designs, engineers, deploys, operates, integrates, maintains, and operates security and surveillance solutions for homeland security, public safety, critical infrastructure, government, and commercial customers. The company serves national security related agencies, the department of defense, intelligence agencies, and classified agencies, as well as international government agencies and domestic and international commercial customers; and critical infrastructure, power generation, power transport, nuclear energy, financial, IT, healthcare, education, transportation, and petro-chemical industries, as well as government and military customers. Kratos Defense & Security Solutions, Inc. was founded in 1994 and is headquartered in San Diego, California.
Learn more about Kratos Defense and Security Solutions
Size
3,300 employees
Market Cap
$1.1 billion
Industry
Net Income
$79.6 million
Founded
1994
5 Year Trend
+8.4%
Revenue
$747.6 million
NASDAQ

Similar Jobs

More Jobs at Kratos Defense and Security Solutions

More Information Technology Jobs

Find similar Information System Security Officer jobs: