Information System Security Officer

Northrop Grumman   •  

Fort Lewis, WA

Industry: Aerospace / Defense


Less than 5 years

Posted 294 days ago

This job is no longer available.

Overall coordinator and implementer for the Mission Training Complex’s (MTC) Risk Management Framework (RMF) program. The ISSO is responsible for ensuring the appropriate operational security posture is maintained and documented for MTC information systems. The position is responsible for defining & implementing standard operating procedures, implementing DoD, Army, & MTC policies, and creating & implementing plans of action and milestones (POA&M) in response to vulnerabilities identified during risk assessments, audits, & inspections.  Assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals. This position requires a Top Secret Security Clearance and the appropriate DoD 8570.01-M baseline certifications as an IAMII.


Basic Qualifications:

  • An understanding of NIST, DoD, & Army Cybersecurity & Risk Management Framework policies, directives, instructions, manuals, and best business practices.
  • Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures using standards-based concepts and capabilities with at least Four years of demonstrated supervisory experience.
  • Knowledge of disaster recovery continuity of operations plans.
  • Knowledge of enterprise incident response program, roles, and responsibilities.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth).
  • Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
  • Knowledge of measures or indicators of system performance and availability.
  • Knowledge of network systems management principles, models, methods (e.g.end-to-end systems performance monitoring), and tools.
  • Knowledge of server administration and systems engineering theories, concepts, and methods.
  • Knowledge of systems lifecycle management principles, including software security and usability.
  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Must have an active DoD TS SCI clearance