Overview

Cole Engineering (CESI), A By Light Company is looking for a technically proficient Information Systems Security Officer (ISSO) who will perform critical engineering tasks to develop and maintain the cybersecurity posture, as well as Authority to Operate (ATO), of Department of Defense (DoD) information systems. Candidates will work individually and within a team to develop customized technical solutions to unique problems. Candidates will work on various architectures, classifications, and technologies so a desire to perform research to identify creative and unique solutions is important.

Responsibilities

• Develop creative technical and procedural solutions to effectively secure information systems without introducing significant operational overhead.
• Develop Risk Management Framework (RMF) documentation including a System Security Plan (SSP), Hardware/Software List, Acceptable Use Policy (AUP), and Accreditation Diagrams.
• Hold regular Status/Scrum meetings with the DoD Customer to describe progress on cyber tasks such as Self-Assessments and Technical Implementations.
• Perform technical analysis of security functions to comply with NIST SP 800-53A controls and ensure the protection of computer systems, networks, and information.
• Validate security components are operating efficiently through inspection of the technical artifacts (ACAS Scans, and STIG Checklists)
• Develop justification and mitigating countermeasures to reduce or eliminate risk level of an identified vulnerability through developing a Plan of Action & Milestone (POA&M)

Required Experience/Qualifications

• Bachelor’s degree and at least five years of professional experience in a cybersecurity role
• Experience maintaining an RMF Package within an approved Accreditation Portal
  • Xacta, eMASS, MCCAST
• The ability to successfully interface with the customer and complete all requests in a timely manner
• A strong understanding of enterprise security principles and best practices
• A self-motivated desire for learning new technologies and an interest in professional growth

Preferred Experience/Qualifications

• Technical experience implementing and maintaining enterprise management tools
• Technical experience with virtualization solutions (VMware, Hyper-V, RedHat Virtualization)
• A strong understanding of at least one major scripting language (BASH, PowerShell, Python)
• Experience with source-code analysis tools and with software development lifecycle approaches.
• An active intermediate Professional Security related certification (CISSP, CASP, CySA)

Special Requirements/Security Clearance

• SECRET Security Clearance