Overview
On Site
Full Time
Skills
Information system security
Information systems
Management
Security operations
Authorization
Authentication
Publications
FIPS
Auditing
STIG
Training
Computer hardware
Firmware
DAO
Policies and procedures
Incident management
Media
System security
Security clearance
DoD
Cisco Certifications
CISM
CISSP
GSLC
GSEC
Risk management framework
RMF
XACTA
Splunk
Nessus
Operating systems
Microsoft Windows
Microsoft Windows Server
Microsoft Operating Systems
Policies
Professional writing
Information security
Servers
Cyber security
ISSM
SAP BASIS
Recruiting
Military
Law
Job Details
Amentum is seeking an Information System Security Officer (ISSO) in Springfield, VA in support of a Department of Defense (DoD) customer. In this role, you will be responsible for ensuring the required operational security posture is maintained for various DoD information systems. This role requires detailed knowledge and expertise required to manage the security aspects of both networked and stand-alone information system environments and is assigned responsibility for the day-to-day security operations of these systems. This position will require minimal travel, primarily in and around the Springfield, VA area, in support of remote client locations. You will play an active role in monitoring systems and their environment of operation to include developing and maintaining Authorization and Authentication (A&A) Packages.
The ISSO responds to the ISSM and must be familiar with the National Institute of Standards and Technology (NIST) publications to include SP 800 37, 800 30, 800 39, 800 137, FIPS 199, 200 and Department of Defense (DoD) security policies.
Responsibilities include but are not limited to:
Minimum Qualifications:
Preferred Qualifications:
Other Requirements:
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.
The ISSO responds to the ISSM and must be familiar with the National Institute of Standards and Technology (NIST) publications to include SP 800 37, 800 30, 800 39, 800 137, FIPS 199, 200 and Department of Defense (DoD) security policies.
Responsibilities include but are not limited to:
- Maintain awareness of changes to DoD cybersecurity and other applicable policies and update local policies as needed.
- Review system security audit logs on standalone and networked systems.
- Utilize Tenable Nessus scanning tools to identify system vulnerabilities and STIG compliancy. Work with IT to remediate all identified vulnerabilities and deficiencies.
- Provide required system security training.
- Perform annual RMF self-inspections for all supported systems.
- Develop and update (as needed) A&A packages and associated artifacts.
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM/AO/DAO.
- Ensure systems are operated, maintained, and disposed of in accordance with DoD and local security policies and procedures.
- Support Information System Incident Response in accordance with the DoD and local Incident Response Plan.
- Perform duties as Media Custodian.
- Interface and advise system stakeholders on all system security related matters.
Minimum Qualifications:
- Must have an active Top Secret with SCI eligibility US Government clearance. Note: ship is required to maintain a Top Secret Clearance.
- Must have and be current in at least one of the following certifications to meet DoD 8140 for IAM II (CCSP, CCISO, CGRC, CISM, CISSO, CISSP, GSLC or GSEC).
- At least 2 years previous experience as an ISSO/ISSM or another organizational equivalent.
- Experience in processing Risk Management Framework (RMF) packages within XACTA.
- Knowledge using Splunk, Tenable Nessus, and ePO.
- Familiarization with installing, configuring, maintaining, and troubleshooting operating system platforms such as Windows 10/11 and Windows Server 2019 to include security configuration knowledge of group and local policies. (Preferred).
- Technical and professional writing expertise; experience with MS Office products.
- Experience in information security that includes configuration of workstations and servers for proper security settings.
Preferred Qualifications:
- Bachelor's degree in a Cybersecurity or IT-related field.
- At least 4 years previous experience as an ISSO/ISSM or another organizational equivalent.
Other Requirements:
- This is a non-remote, fulltime on-site position
- Must be able to lift up to 50 pounds on an occasional basis.
- Minimal travel is required (0-10%).
Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, gender identity, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal EEO laws and supplemental language at EEO including Disability/Protected Veterans and Labor Laws Posters.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.