Information System Security Officer (ISSO) - Junior - AFRL

ASTRION, INC.

Eglin Air Force Base, United States of America

10 days ago

Role details

Contract type

Permanent contract

Employment type

Full-time (> 32 hours)

Working hours

Regular working hours

Languages

English

Experience level

Junior

Eglin Air Force Base, United States of America

CompTIA Security+

Computer Security

Information Systems

Digital Assets

Information Security Management

Intrusion Detection and Prevention

Network Security

SAP Applications

Firewalls (Computer Science)

SC Clearance

Implement and maintain security controls for information systems, ensuring alignment with NIST 800-53, NIST 800-171, and other applicable security frameworks
Develop and maintain security documentation, including System Security Plans (SSPs), risk assessments, incident response plans, and security policies and procedures
Utilize eMASS for documenting and managing security controls, developing ATOs for AFRL owned systems, conducting self-assessments, and preparing for audits and assessments
Develop and maintain system security plans (SSPs), policies, and procedures within the eMASS framework, track and manage POA&Ms within eMASS to remediate vulnerabilities and security gaps and support the Authorizations to Operate (ATO) process by providing security documentation, answering security controls, participating in security reviews, and addressing security findings.
Conduct security assessments and audits to identify vulnerabilities and recommend corrective actions
Advise and assist within Special Access Program (SAP) and/or classified environments and support other unclassified enclaves supporting DoD agencies, such as HQ Air Force, Office of the Secretary of Defense and Military Compartments efforts

Education: Bachelor's or Master's Degree. Relevant experience may be substituted for the degree.
Experience: 3 Year's Experience.
Security Clearance: Secret Clearance. Top Secret Eligible. US Citizenship is required.
Certifications:

Minimum one year's experience with Enterprise Mission Assurance Support Service (eMASS)
Experience in information security roles, preferably in a military or defense environments. This may include experience in areas such as cybersecurity, information assurance, network security, or system administration.
Thorough understanding of Department of Defense (DoD) security regulations, policies, and guidelines, including DoD Instruction 8500 series, DoD 8570/8140 requirements, and Risk Management Framework (RMF) processes.
Proficiency in risk management methodologies and techniques, including risk assessment, risk analysis, and risk mitigation strategies, to effectively safeguard information systems and data assets.
Strong technical skills in areas relevant to information security, such as network security, operating systems, cryptography, intrusion detection/prevention systems, firewalls, and security assessment tools.
Excellent verbal and written communication skills are essential for effectively communicating security requirements, policies, and procedures to diverse audiences, including technical and non-technical personnel.
Meticulous attention to detail is critical for reviewing, analyzing, and documenting security controls, vulnerabilities, and incidents accurately and comprehensively.
Strong problem-solving and analytical skills to identify security issues, assess their impact, and develop effective solutions and countermeasures to address them.