Information Systems Security Officer (ISSO)

Omitron is seeking a full-time Information Systems Security Officer with experience in the NIST 800-53 Risk Management Framework IT systems and networks administration for large-scale mission critical programs supporting the Space Domain Awareness/Command and Control (SDA/C2) mission.

Responsibilities include:

• Lead and work as part of an integrated team to develop and maintain RMF body of evidence documentation (e.g., System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, etc.) using Enterprise Mission Assurance Support Service (eMASS)
• Ensuring implementation and maintenance of the System Security Plan (SSP) and compliance with Federal Information Processing Standards (FIPS) & NIST standards (NIST 800-53, NIST 800-37, etc.)
• Resolve security findings and non-compliance through developing Plan of Actions & Milestones (POA&M) and creating Risk-Based Decisions (RBD)
• Conduct Risk Assessments (RA) and provide vulnerability reports against new and existing infrastructure to minimize organizational and environmental risk
• Support preparation, planning, and coordination for periodic Cyber Readiness Assessments (CRA) to facilitate renewal of system Authorization to Operate (ATO)
• Create and maintain security documents and provide continuous monitoring efforts to ensure policies, regulations, and operating procedures are concurrent with the latest FIPS and NIST requirements
• Work in close coordination with system administrators and other cybersecurity team members to ensure systems are operated and maintained in accordance with applicable security policies and procedures and notify the ISSM when changes occur that might impact system authorization posture
• Conduct vulnerability scans and provide remediation efforts and guidance to mitigate risks
• Define security development and test efforts necessary to implement security controls for networking devices, databases, operating systems, and hardware/software components
• Perform analysis of cybersecurity collected data and test results
• Conduct cybersecurity audits to ensure appropriate implementation and compliance of the security posture

Skill Requirements:

• Proficiency with Windows and Linux operating systems
• Familiarity with virtualization and virtual networks (VMware, Cisco, or Red Hat)
• Familiarity with network devices, firewalls, switches, and routers
• Proficiency with DISA Security Technical Implementation Guides (STIGs), to include system compliance assessment and remediation of non-compliant issues
• Familiarity with scripting and automation (languages vary - Python, MATLAB, BASH, etc)
• Proficiency with Microsoft Office Product Suites: Excel, Word, PowerPoint, Visio
• Work independently as well as in a team environment
• Detail oriented, able to obtain results, and make technical recommendations to leadership or program management

Required Experience:

• Minimum four years of Cybersecurity related experience with multiple Operating Systems (Linux and Windows)
• DoD IAM LVL II/IAT Level III (CISSP Preferred)

Preferred Experience:

• Previous experience in Systems or Network Administration
• Previous NIPR or SIPR Administrator Experience
• Knowledge of Space Domain Awareness/Command and Control (SDA/C2) mission

Required Degree:

• BS degree in a relevant field is preferred (Computer Science, Cybersecurity, or Engineering). 10+ years of cybersecurity related experience may be substituted in lieu of a degree

Security Clearance Requirements:

• Candidate must possess an active TS/SCI clearance
• US citizenship required

Job Location:

• Occasional travel may be necessary

Benefits include:

• Health, Dental and Vision Insurance
• HSA or FSA accounts
• Company paid ST/LT Disability and AD&D insurance
• Paid Federal Holidays
• Paid Vacation Leave and Sick Leave
• 401k with company match
• Supplemental Insurance options like AFLAC
• Education Assistance
• Voluntary Life Insurance