Senior Information System Security Officer

Modern Technology Solutions, Inc. (MTSI) is searching for a Senior Information System Security Officer.

How you will contribute to our National Security and Defense mission:

As an ISSO, you will provide support to maintain system security and compliance by performing auditing and patch management, technical security assessments, identifying points of vulnerability and non-compliance, ensuring Information Assurance (IA) standards and regulations are being met, recommending mitigation strategies, and more. You will interface with stakeholders across different disciplines and organizations, including DevSecOps engineers, Cybersecurity Engineers, Cloud Engineers, Modeling and Simulation Engineers, Data Architects, and more.

You’ll be a great fit for this role if:

• You have a passion for technology and cybersecurity.
• You understand the urgent need to modernize IT systems, cybersecurity practices, and infrastructure.
• You know the Department of Defense DevSecOps initiative and reference architectures.
• You have Cybersecurity experience with Cloud systems, on-premises systems, Kubernetes, Containers, and CI/CD.
• You are passionate about continuous learning and growth, and you seek opportunities to challenge yourself.
• You are driven to make a meaningful impact through your work.
• You have excellent communication skills.
  
  

Responsibilities

• Perform day-to-day maintenance of systems, including auditing and patch management.
• Perform technical security assessments of complex cloud and on-premises systems.
• Identify points of vulnerability and non-compliance with established IA standards and regulations and recommend mitigation strategies.
• Apply knowledge of IA policy, procedures, and workforce structure to implement secure networking and computing environments.
• Write authorization and accreditation (A&A) documentation and ensure the systems are operated and maintained in accordance with these security plans.
• Enforce the design and implementations of trusted relationships among external systems and architectures.
• Support security planning, assessment, risk analysis, and risk management for systems and tools.
• Interact with technical team members from multiple organizations in a diversified team environment.
• Identify overall security requirements for the proper handling of data.
• Perform system or network designs that encompass multiple enclaves, including those with differing data protection requirements.
• Recommend system-level solutions to resolve security requirements.
• Ensure all users have the requisite security clearances, authorizations, and need-to-know, and are aware of their security responsibilities before granting access to systems.
• Conduct periodic review of information systems to ensure compliance with the security authorization package.
  
  

Qualifications Required

• 10 years of combined experience working in cybersecurity, information assurance, DevSecOps, information technology, system administration, or related field.
• Expertise in network designs, routing, software-defined networks, virtual networks, subnets, IPAM, DNS, firewalls, TCP/IP, IPv4, and IPv6.
• Experience with both Windows and Linux operating systems.
• Expert knowledge of federal security requirements and mandates (e.g., RMF, Federal Information Processing Standards (FIPS), National Standards of Information Technology (NIST), etc.).
• Proficient in working on DISA Security Technical Implementation Guide (STIG) implementations across multiple operating systems and applications.
• Experience with cloud-based security (e.g., AWS, Azure, GCP, VMWare, Nutanix).
• Proficient with security technologies, such as firewalls, intrusion detection systems, modern encryption, fuzzing tools, vulnerability and compliance scanners, etc.
• Strong understanding of security principles, such as confidentiality, integrity, zero-trust, availability, etc.
  
  

Education

• Bachelor's degree from an accredited university, including classes in Computer Science, Information Assurance, Information Security Systems Engineering, or related fields.
• Meet position and certification requirements outlined in the DoD Manual 8140.03 for ISSO Advanced Proficiency Level.
• Must meet position and certification requirements outlined in the DoD Directive 8570.01-M for Information Assurance Technician (IAT) level 2 and Information Assurance Manager (IAM) level 1.
• CISSP or certifications in one or more of the following: CompTIA Security , GIAC Industrial Cyber Security Certification (GICSP), GIAC Security Essentials (GSEC), GIAC Cyber Security Leadership (GSLC), or ISC2 Systems Security Certified Practitioner (SSCP).
  
  

Clearance Requirements

• Must have a Secret DoD Security Clearance.