Job Title:

Reporting To:

Work Schedule:

Moog is looking for anInformation Systems Security Officer (ISSO)to support the Information Security Manager in the operation, accreditation, maintenance,and auditing of Information Systems (IS) used to process classified information and ensure the operational security posture is maintained in accordance with the system security plans and governing policies (i.e. - DCSA Assessment and Authorization Process Manual 6 DAAPM and National Industrial Security Program Operating Manual 6 NISPOM Rule - 32 CFR part 117).

This role sits at our headquarters in East Aurora, NY and has a on-site work schedule.

To be considered for this role, heres what you need to bring with you

• A bachelors degree in information technology, Computer Information Systems, or related field is preferred.

• A two-year IT related degree with four (4) additional years of related experience can be considered in lieu of a formal bachelors degree.

• Minimum of five (5) yearsexperience in Information Assurance.

• Knowledge of policies such as DAAPM, NISPOM Rule, JSIG, ICD 503, RMF, and NIST Special Publications.

• Proficiency with using vulnerability scanning, auditing, SIEM, DLP, and hardening tools such as Nessus, SCAP Compliance Checker (SCC), USB Device Control, STIGs, Windows GPOs (importing, testing, implementing, modifying, exporting), and PowerShell scripts for automated and routine tasks.

• Proficiency with performing data transfers and knowledge of data transfer procedures.

• Appropriate US Security Clearance (Secret/Top Secret) or be able to meet the requirements to attain and maintain a clearance.

• COMSEC-related experience is a plus.

As an Information Systems Security Officer (ISSO), heres what you will do on a daily basis

• Prepare, update, and maintain Risk Management Framework (RMF) documentation such as, but not limited to, Authorization to Operate (ATO) packages, System Security Plans (SSP), Risk Assessment Reports (RAR), Standard Operating Processes (SOP), and Plan of Actions and Milestones (POA&Ms) for all classified networks and systems.

• Perform regular auditing, updating, and continuous monitoring of the bootable Information Systems (IS) to ensure the security controls are implemented & maintained in accordance with RMF/ATO.

• Maintain complete inventory of IS including software and peripheral hardware.

• Assist Data Transfer Agents (DTA) and Facility Security Officer (FSO) to perform file transfers using removable media in accordance with the Assured File Transfer (AFT) policy and procedures.

• Coordinate with the ISSM, the Security Control Assessor (SCA), and the Authorizing Official (AO) for all Configuration Management (CM) changes and modifications to the IS software and hardware.

• Identify and assess device classification risks and determine appropriate risk mitigation safeguards to maintain security posture.

• Schedule, perform, and maintain records of required IS auditing, patching, maintenance, configuration management changes, and scanning based on evolving threat/vulnerabilities and customer compliance requirements.

• Work with System Administrators (SA) in configuring and maintaining IT components and infrastructure to comply with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and DoD cyber security requirements.

• Ensure ISs are operated, maintained, and properly disposed of in accordance with security policies and procedures.

Salary Range Transparency:

Salary Range Disclaimer

The base salary range represents the low and high end of the Moog salary range for this position in the given work location. Actual salaries will vary depending on factors including but not limited to location, experience, and performance. The range(s) listed is just one component of Moogs total compensation package for employees. Other rewards may include annual bonuses, employee stock purchase plan, an open paid time off policy, and many region-specific benefits.

This position requires access to U.S. export-controlled information.