Information Systems Security Officer (ISSO)
Cambridge, MA, United States
**Information Systems Security Officer (ISSO)**
* October 5, 2021
* Posted 1 month ago
**Responsibilities:**
As a part of Team Aquila, a successful candidate will have the opportunity to substantially contribute to and make significant, positive impact within a fast-paced, customer-focused and technically innovative work environment.
* The key focus of this position will be vulnerability management and driving procedure development and implementation.
* Assist in the security configuration and management of collateral classified and unclassified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows.
* Assist in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report and Continuous Monitoring Strategy.
* Ensure systems are operated, maintained, and disposed of in accordance with the organizations security policies and procedures.
* Collect, analyze, and store system audit records.
* Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.
* Prepare for and participate in periodic organization compliance assessments.
* Ensure account management documentation is complete and updated.
* Maintain configuration management documentation (change tracking, maintenance logs, etc.).
**Required Skills:**
* Technical experience and skills in securing multiple operating systems such as Windows, Linux and virtualization technologies.
* Experience with DCSA Enterprise Mission Assurance Support Service (eMASS)
* Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs.
* Knowledgeable in computer security principles and policies, including Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), and Defense Security Service (DSS) Assessment and Authorization Manual (DAAPM).
* Experience with vulnerability scanning and auditing tools and processes.
* Bachelors degree. Technical experience, skills, and coursework completed towards an Undergraduate Degree, or industry IT certifications may be considered in lieu of education or DoD security experience requirements.
* A minimum of 4 years of IT security experience in DoD Industrial Security.
* Technical knowledge of the configuration of common operating systems such as Windows, Linux, and Cisco IOS.
**Preferred Skills/Experience:**
* Possess Security+ certification or be able to obtain one within 6 months of hire.
* Experience securing networks and systems utilizing DISA STIGs and/or SRGs.
**Qualifications and Background:**
* Top Secret Security ClearanceMust have and be able to maintain a Top Secret clearance; SCI and Polygraph eligibility highly desired.
* Bachelor of Science in Information Technology, or a related field and 5-7 years of relevant experience, or 8+ years of experience without degree.
**Travel:** None
**Telecommute:** No
Share This Post