Information System Security Officer - ISSO
Description:
Job Title:
Specialist, Cyber Intelligence ISSOJob Code:
SAS20211301-55029Job Location:
Colorado Springs, CO
Job Description:
RespoNsible for the development, deployment and execution of controls and defenses to ensure the security of company technology, information systems, and system deliverables.
Develops and implements appropriate standards and criteria for hardware, software, access and encryption requirements.
Establishes system security designs and validates compliance requirements.
Assesses and mitigates system security threats and risks throughout the program life cycle.
Performs system certification and accreditation planning, testing, and validation activities in coordination with government customers.
Supports secure systems operations and maintenance.
Conducts internal information technology system audits and risk assessments and reports findings and recommendations for corrective actions to management.
Executes first level responses and addresses reported or detected incidents.
Investigates and analyzes all response activities related to cyber incidents.
Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events.
Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information.
Essential Functions:
Experienced professional with proficient knowledge of job area and practical knowledge of project management.
May manage projects or processes with general supervision.
Communicates with contacts inside and outside of own department to explain and interpret operational processes, practices, and procedures.
Recommends enhancements to systems and processes.
Works to achieve operational targets for specific programs and projects with moderate impact on departmental resultsWork consists of making moderate enhancements or improvements to systems and processes to solve problems or improve effectiveness of job area.
Opportunities for problem solving and innovation are general, and may require understanding of broader set of issues but typically are not complex.
Problems may require understanding of other job areas.
Problems are typically solved drawing from prior experiences, with analysis of the issuesWorks to achieve operational targets with moderate impact on departmental results.
Contributes to the completion of specific programs and projects.
Exerts some influence on the overall objectives of the projectResponsible for analyzing and/or administering security controls for information systemsSafeguards the network against unauthorized infiltration, modification, destruction or disclosureResearches, evaluates, tests, recommends, communicates and implements new security software or devicesImplements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunicationsProvide details for developing Information System Security (ISS) Risk Management Framework (RMF) documentation (SSP, SAR, RAR, SAP, SCTM, POA&M, etc.
) to support the Assessment & Authorization (A&A) of assigned systemsPerforms ISS controls assessments as part of the systems' Continuous Monitoring PlanOversees configuration management of assigned systemsPerforms periodic hardware/software inventory assessmentsIdentifies system security controls shortcomings and annotates POA&M entries for deficient items, playing a vital role with remediating control deficienciesAssists with documenting annual ISS Self Assessments
Qualifications:
Bachelor's Degree and minimum 4 years of prior relevant experience or 2 years post-Secondary/ Associates Degree and a minimum of 8 years of prior related experience.
Graduate Degree and a minimum of 2 years of prior related experience3
years' experience as an ISSO (or equivalent position) overseeing cybersecurity on classified and/or unclassified systems under NISPOM Chapter 8, NIST 800-53 and/or NIST 800-171TS/SCI DoD Clearance Minimum Security
certification requiredPreferred Additional Skills:
Works under general supervision.
May be responsible for entire projects or processes within job area.
May be responsible for providing guidance, coaching and training to other employees within job area.
May manage projects at this level with responsibility for the delegation of work and the review of others' work productCommunicates with contacts within and outside of own department and may occasionally have responsibility for communicating with parties external to the organization (e.
g.
, customers, vendors, etc.
).
Explains and interprets processes and procedures to others within and outside the job area.
May work to justify and gain cooperation regarding processes, practices and proceduresWork individually and as part of a team in a diverse, rapidly changing environment3
years' experience as an ISSO (or equivalent position) overseeing cybersecurity on classified and/or unclassified systems under NISPOM Chapter 8, NIST 800-53 and/or NIST 800-171Practical experience running security compliance scans and interpreting vulnerability scanning results (Nessus, SCAP)Experience completing DISA Security Technical Implementation Guidelines (STIG) checklistsExperience with Linux/Unix Information System Security requirements to include archiving audit log dataIn compliance with Colorado's Equal Pay for Equal Work Act, the salary range for this role in Colorado is $69,00-$127,500.
This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience and geographic location.
L3Harris also offers a variety of benefits including:
health and disability insurance, 401(k) match, flexible spending accounts, EAP, education assistance, parental leave, paid time off, and company-paid holidays.
The specific programs and options available to an employee may vary depending on date of hire, schedule type, and the applicability of collective bargaining agreements.
Estimated Salary: $20 to $28 per hour based on qualifications.
Job Title:
Specialist, Cyber Intelligence ISSOJob Code:
SAS20211301-55029Job Location:
Colorado Springs, CO
Job Description:
RespoNsible for the development, deployment and execution of controls and defenses to ensure the security of company technology, information systems, and system deliverables.
Develops and implements appropriate standards and criteria for hardware, software, access and encryption requirements.
Establishes system security designs and validates compliance requirements.
Assesses and mitigates system security threats and risks throughout the program life cycle.
Performs system certification and accreditation planning, testing, and validation activities in coordination with government customers.
Supports secure systems operations and maintenance.
Conducts internal information technology system audits and risk assessments and reports findings and recommendations for corrective actions to management.
Executes first level responses and addresses reported or detected incidents.
Investigates and analyzes all response activities related to cyber incidents.
Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events.
Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information.
Essential Functions:
Experienced professional with proficient knowledge of job area and practical knowledge of project management.
May manage projects or processes with general supervision.
Communicates with contacts inside and outside of own department to explain and interpret operational processes, practices, and procedures.
Recommends enhancements to systems and processes.
Works to achieve operational targets for specific programs and projects with moderate impact on departmental resultsWork consists of making moderate enhancements or improvements to systems and processes to solve problems or improve effectiveness of job area.
Opportunities for problem solving and innovation are general, and may require understanding of broader set of issues but typically are not complex.
Problems may require understanding of other job areas.
Problems are typically solved drawing from prior experiences, with analysis of the issuesWorks to achieve operational targets with moderate impact on departmental results.
Contributes to the completion of specific programs and projects.
Exerts some influence on the overall objectives of the projectResponsible for analyzing and/or administering security controls for information systemsSafeguards the network against unauthorized infiltration, modification, destruction or disclosureResearches, evaluates, tests, recommends, communicates and implements new security software or devicesImplements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunicationsProvide details for developing Information System Security (ISS) Risk Management Framework (RMF) documentation (SSP, SAR, RAR, SAP, SCTM, POA&M, etc.
) to support the Assessment & Authorization (A&A) of assigned systemsPerforms ISS controls assessments as part of the systems' Continuous Monitoring PlanOversees configuration management of assigned systemsPerforms periodic hardware/software inventory assessmentsIdentifies system security controls shortcomings and annotates POA&M entries for deficient items, playing a vital role with remediating control deficienciesAssists with documenting annual ISS Self Assessments
Qualifications:
Bachelor's Degree and minimum 4 years of prior relevant experience or 2 years post-Secondary/ Associates Degree and a minimum of 8 years of prior related experience.
Graduate Degree and a minimum of 2 years of prior related experience3
years' experience as an ISSO (or equivalent position) overseeing cybersecurity on classified and/or unclassified systems under NISPOM Chapter 8, NIST 800-53 and/or NIST 800-171TS/SCI DoD Clearance Minimum Security
certification requiredPreferred Additional Skills:
Works under general supervision.
May be responsible for entire projects or processes within job area.
May be responsible for providing guidance, coaching and training to other employees within job area.
May manage projects at this level with responsibility for the delegation of work and the review of others' work productCommunicates with contacts within and outside of own department and may occasionally have responsibility for communicating with parties external to the organization (e.
g.
, customers, vendors, etc.
).
Explains and interprets processes and procedures to others within and outside the job area.
May work to justify and gain cooperation regarding processes, practices and proceduresWork individually and as part of a team in a diverse, rapidly changing environment3
years' experience as an ISSO (or equivalent position) overseeing cybersecurity on classified and/or unclassified systems under NISPOM Chapter 8, NIST 800-53 and/or NIST 800-171Practical experience running security compliance scans and interpreting vulnerability scanning results (Nessus, SCAP)Experience completing DISA Security Technical Implementation Guidelines (STIG) checklistsExperience with Linux/Unix Information System Security requirements to include archiving audit log dataIn compliance with Colorado's Equal Pay for Equal Work Act, the salary range for this role in Colorado is $69,00-$127,500.
This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience and geographic location.
L3Harris also offers a variety of benefits including:
health and disability insurance, 401(k) match, flexible spending accounts, EAP, education assistance, parental leave, paid time off, and company-paid holidays.
The specific programs and options available to an employee may vary depending on date of hire, schedule type, and the applicability of collective bargaining agreements.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
