Information Systems Security Officer
Job description
The Information Systems Security Officer (ISSO) is responsible for implementing and maintaining cybersecurity controls for DoD classified information systems in compliance with RMF, NIST 800-53, STIGs, National Industrial Security Program Operating Manual (NISPOM), Joint Special Access Program Implementation Guide (JSIG) and related cybersecurity requirements. This role supports the full Assessment and Authorization (A&A) lifecycle, including maintaining Authority to Operate (ATO) packages in eMASS/XACTA, conducting Continuous Monitoring (ConMon), reviewing security logs and audit evidence, managing Assured Compliance Assessment Solution (ACAS) vulnerability scans, tracking remediation activities and Plans of Action and Milestones (POA&Ms) and supporting incident response procedures. The ISSO will administer security within Linux, virtualized and cloud-native environments, including AWS and Kubernetes, while collaborating with system administrators, engineers and government stakeholders to ensure compliance and operational security.
The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodations may be made to individuals with disabilities to perform the essential functions.
Requirements
Must have a current Top-Secret clearance with the ability to obtain a TS/SCI security clearance.
A Security+ CE is required.
Must have, or be able to obtain within six months of hire, a DoD 8570 IAT Level III certification (CISSP, CASP+, CISA, GCED, GICSP, CGRC, etc.).
Bachelor's degree in Cybersecurity, Information Technology, Information Systems or a related field from an accredited college or university and eight plus years of total related IT/cyber experience; or equivalent combination of education and relevant professional experience.
Two plus years of experience as an ISSO or ISSM.
One to two years of experience securing cloud-native environments, including AWS and Kubernetes, with knowledge of container security, IAM, logging, monitoring, vulnerability management and compliance requirements.
Experience maintaining Authority to Operate (ATO) packages within eMASS or XACTA and supporting RMF activities for classified systems.
Experience conducting ACAS vulnerability scanning, vulnerability remediation tracking and POA&M management.
Experience reviewing security logs, audit records, and compliance evidence to support Continuous Monitoring (ConMon) requirements.
Experience implementing and maintaining security controls in accordance with NIST 800-53 and DoD cybersecurity requirements.
Experience with Linux operating systems and command-line administration.
Experience with virtualized environments and hypervisors.
Knowledge of XACTA or eMASS.
Knowledge of the A&A process for DoD information systems.
Knowledge of NISPOM, DCSA A&A Process Manual, JSIG, ICD 503/703, STIGs, RMF and associated NIST publications.
Knowledge of incident handling and response procedures, including data spills involving unclassified and classified systems.
Previous experience within the U.S. Department of Defense highly desired.
Expected travel up to 10% (1-2 trips/year).
Preferred Qualifications:
Experience supporting TS/SCI and/or Special Access Program (SAP) environments.
Experience supporting AWS GovCloud environments.
Experience with Splunk, ACAS/Tenable, VMware vSphere/ESXi, and enterprise vulnerability management programs.
Experience supporting Security Control Assessments (SCAs) and ConMon activities.
Salary Range: $125K-$150K
Based on your qualifications, you will be placed in Level I-V.
An essential qualification for this position is successfully obtaining a security clearance issued by the Federal Government, which may require successful completion of a background check.
Benefits & conditions
AUSGAR's salary range is dependent upon a variety of factors, which include experience, skills, education, certifications and geographical location. Our salary range includes a base salary and excellent benefits package as part of our total compensation.