Information System Security Officer

• Performs assessments of systems and networks within the networking environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations (compliance audits) and active evaluations (vulnerability assessments).
• Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of systems. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
• Assists in the implementation of required government policy (e.g.,, NISPOM, DCID 6/3), and makes recommendations on process tailoring.
• Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Performs analyses to validate established security requirements and recommends additional security requirements and safeguards where required.
• Supports the formal Security Test & Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.

Desired Qualifications:

• Provide guidance on system security, assessment and authorization issues, and INFOSEC policy and security vulnerabilities.
• Support comprehensive investigations into all related data spills and IT incidents at both government and contractor sites.
• Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data.
• Development and maintenance of all SSP documentation and risk analysis.
• Responsible reporting of security related incidents including development of protective or corrective measures to discover vulnerabilities.
• Familiarity with conducting research and analysis, network and information system security principles and best practices, and controlling, labeling, virus scanning, and transferring data between information systems at varying classification levels.

• Master's Degree and 2 years work experience, Bachelor's Degree and 3 years of work experience or equivalent, Associates Degree and 6 years of work experience or equivalent, High School/GED and 8 years of work experience or equivalent.

Why Join Cyber Defense Technologies? At CDT, we offer a collaborative and inclusive work environment where your expertise can help shape the future of cybersecurity and engineering solutions.

Compensation and Benefits:

• Competitive salary based on experience.
• Comprehensive benefits package, including health, dental, and retirement plans.
• Opportunities for professional development and career advancement.

CDT is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity employer making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.