Job Title: Specialist, Information System Security Officer (ISSO) – Level 3
Job Code: 17315
Job Location: Palm Bay, FL (Onsite)
Job Description:
Implements the day-to-day information system security program for the assigned classified information systems. Works directly with the Information System Security Manager (ISSM), Contractor Program Security Officer (CPSO), Program Managers and program personnel to ensure customer regulations, laws and policy is followed (ICD-503, FISMA, NIST 800-53 Rev 5). Implements, tests, documents, and continuously monitors applicable system security controls with the goal to ensure all systems are authorized to operate. Works with Programs and IT to develop secure solutions for Contract execution. As an on-site security professional, responsibilities will include management and execution of all classified information system security for the assigned systems to include system auditing, access control, solution development, vulnerability management, asset management, inspection for prohibited technology, user accounts (help desk support), user security support, document control (sanitization/degaussing/destruction), and media release processes. Successful candidates will experience across all layers of the OSI model and exhibit the dedication and expectation of excellence required of a seasoned security professional while working and making decisions independently without direct supervision. The position will interact with internal and external customers or Government security officials in performance of security duties.
Essential Functions:
- Authoring and updating system body of evidence that meet NIST RMF and Customer policy/guidelines.
- Developing test plans and scenarios that will be used for security control assessments as part of the systems’ initial standup, change process and continuous monitoring.
- Overseeing and enforcing the configuration management of assigned systems.
- Works with IT organization to develop device and system hardening guides following manufacturer, DISA, and NIST guidelines.
- Identifying and resolving security gaps/risks within classified systems.
- Analyzing and reviewing vulnerability scan data using tools such as Tenable SC and/or ACAS.
- Provide vulnerability remediation actions to IT Admins and chart vulnerabilities over time.
- Auditing systems to ensure only approved changes are made utilizing Splunk.
- Writing and developing Splunk search queries to support incident investigation and new requirements.
- Conducting periodic hardware/software inventory inspections.
- Identifying system security control implementation shortcomings and developing POA&Ms.
- Remediating security control deficiencies.
- Maintaining operational information security posture for a system, program, or enclave.
- Investigating security incidents such as data spills, data integrity and malicious events.
- Authoring and delivering security education training to range of audience levels.
- Managing and providing media release and transfer between systems.
- Managing a help desk queue for user accounts and security support.
- Responsible for effective communications regarding security by interfacing with or liaising with external customers (Government, Associate Contractors, Subcontractors, former employees) and internal L3Harris organizations.
- Foster teamwork and collaborative efforts among Security team members to ensure timely completion of group project tasks and responsibilities.
Qualifications:
- Bachelor’s Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree, minimum of 8 years of prior related experience.
- An active security clearance is required, TS with SCI Eligibility.
- DoD 8140.3 ISSM Basic Certification (Sec+) or higher.
- Hands-on experience with Risk Management Framework.
Preferred Additional Skills:
- CCSP Certification with Cloud experience in a classified environment.
- Experience as a Cleared Defense Contractor (CDC) working in corporate and/or government environments in support of DoD.
- Efficient, proactive, responsive team player with excellent written and oral communication skills; able to interface effectively with all levels of corporate management and government customers.