Information System Security Officer (ISSO)

Company Overview

Millennium Space Systems, A Boeing Company delivers affordable, high-performance space systems for exacting customers. At Millennium, you will be part of a close-knit team working on exciting technological problems. We work in an open environment where ideas are shared across all disciplines, and there are ample opportunities for advancement based on excellence. Superstars are welcome.

At Millennium, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company committed to fostering an environment for every teammate that's welcoming, respectful and innovative, with great opportunities for professional growth. Find your future with us.

Job Summary

As an Information Systems Security Officer (ISSO) at Millennium Space Systems, you ensure that the classified and controlled systems Millennium is responsible for comply with all customer-defined security requirements and applicable federal regulations.

This position's internal job code is Security Design Specialist. Our team is currently hiring for levels 1-2.

Responsibilities

• Perform daily and weekly information assurance activities, such as auditing, and working with the IT team to patch classified systems with the goal of maintaining all systems in compliance with corporate and government directives, regulations, and policies
• Create new and manage existing assessment and authorization packages and perform all tasks necessary to obtain and maintain authorization to operate (ATO). This includes items such as the implementation of security controls, writing procedures for, and conducting certification testing, facilitating third party certification and penetration testing, addressing plan of action and milestones (POA&M) items, and continuous monitoring activities
• Ensure system authorization packages take into consideration the requirements of government agencies and the owner/users of the systems such as program managers, system engineers, and developers
• Design and implement technical security controls for new and existing systems
• Participate in or lead planning and executing risk management activities such as disaster recovery, continuity of operations, and incident response
• Participate in or lead computer forensic activities such as using tools and techniques for attack reconstruction, root cause analysis, and providing solutions/recommendations
  
  

Minimum Qualifications

• 2 years of experience within the IT and/or InfoSec industry
• Certification(s) and experience commensurate with Information Assurance Manager Level I (IAM Level I) as specified by DoDD 8140
• Experience in classified environments (e.g.: Collateral, SCI, SAP)
• Working knowledge of the Risk Management Framework as provided by NIST Special Publication (SP) 800-37, controls provided in NIST SP 800-53, and assessments provided by NIST SP 800-53A and derived policies, such as the Intelligence Community Directive Number 503 (ICD-503) or the Joint Special Access Program (SAP) Implementation Guide (JSIG)
• Working knowledge and experience with completing and submitting accreditation or assessment and authorization packages
• Ability to audit and verify security controls as part of industry standard system hardening or in accordance with customer or government requirements
• Ability to communicate complex concepts with senior management, technical personnel, and external entities including senior representatives of the US Government and teammates
• Ability to audit, scan for vulnerabilities, and continuously monitor mixed computer system environments using vulnerability scanners, SIEMs, and various scripting languages
• This position requires an active U.S. Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
  
  

Preferred Qualifications

• Ability to participate in or manage Computer Incident Response Team (CIRT) activities, including computer forensic analysis
• Ability to analyze network traffic using common security devices such as wireshark, tcpdump, firewalls, and intrusion detection systems
  
  

Summary Pay-Range

Please note that the salary information shown below is a general guideline only of what is reasonably expected to be paid for the position. Salaries are based upon candidate experience and qualifications, as well as market and business considerations.

• Level 1: $35.14 - $51.68
• Level 2: $42.09 - $61.89
  
  

Before Applying, Please Note

Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We encourage all interested candidates to apply for any open position for which they feel they are qualified.

Applicant Privacy Policy

Mandatory Security Clearance and Access Process Disqualifying Criteria