What are the responsibilities and job description for the Information System Security Officer (ISSO) position at Resonant Sciences LLC?
We are seeking a highly motivated and well-‐organized individual with prior experience administering US government security policies and procedures to serve as an Information Systems Security Officer (ISSO). The Information System Security Officer (ISSO) serves as the principal advisor to the Information System Owner (ISO) and Information System Security Manager (ISSM) on all matters, technical and otherwise. The ISSO will perform a classified cyber security role supporting multiple programs with working knowledge of the Risk Management Framework (RMF).
The ISSO will work closely with the Facility Security Officer and Customer Program Security Officer to ensure all systems security procedures are being followed. Requires the ability to make sound decisions, take independent action, analyze problems, and provide focused solutions with the ability to effectively communicate information to various audiences both verbally and through written communications. Will be required to interact with internal and external customers or Government security officials to perform security duties; address routine information security matters with employees regarding issues; report preparation, system security access briefings, and other duties as required.
The selected ISSO will have responsibility for the following areas:
Resonant Sciences is a research and development firm with locations all over the United States, focused on developing and transitioning innovative technologies and solutions to developmental and operational platforms. Our areas of expertise include radome and antenna design and fabrication, custom electronic solutions, and RF measurements of materials, antennas, radomes, and subsystems. Our extensive capabilities include design and analysis, production, and ground and flight testing.
A career at Resonant Sciences means that you will be involved in the complete development life cycle, seeing your design evolve from development prototype to incorporating mission requirements to technical specifications into a finished product for field testing.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
The ISSO will work closely with the Facility Security Officer and Customer Program Security Officer to ensure all systems security procedures are being followed. Requires the ability to make sound decisions, take independent action, analyze problems, and provide focused solutions with the ability to effectively communicate information to various audiences both verbally and through written communications. Will be required to interact with internal and external customers or Government security officials to perform security duties; address routine information security matters with employees regarding issues; report preparation, system security access briefings, and other duties as required.
The selected ISSO will have responsibility for the following areas:
- Maintains/recommends changes of the cybersecurity program to the ISSM.
- Participates in the development and implementation of security procedures.
- Works with ISSM to develop operational information systems security.
- Leverages guidance pertinent to all applicable directives and publications
- Participates in the generation and maintenance of RMF documentation.
- Plays an active role in monitoring a system and its environment of operation to include developing and updating the system artifacts, managing, and controlling changes to the system and assessing the security impact of those changes, in close coordination with the ISSM.
- Reviews artifacts pertinent to an information system ensuring Authorization to Operate (ATO) compliance.
- Coordinates with ISSM/CPSO on approval of external information systems
- Maintains, per individual system and its accreditation, a baseline of configuration, hardware, software, and firmware.
- Maintains, updates, and executes information system continuous monitoring plan.
- Ensures data ownership and responsibilities are established for each IS and specific requirements (e.g., accountability/access/special handling requirements) are enforced.
- Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
- Maintains a working knowledge of system functions, security policies, technical security safeguards and operational security measures.
- Ensures adherence to these information system security policies and procedures.
- Ensures proper procedures are followed, per the Cyber Incident Response Plan, when information system security incidents are discovered.
- Disseminates appropriate documentation to all applicable personnel.
- Assists with development of an effective information system security education, training, and awareness program.
- Ensures initial, annual and “as needed” training is accomplished and documented.
- Prepares audit/event reports for ISSM review, highlighting any/all anomalies.
- Ensures events captured are as outlined in applicable directives and publications.
- Participates in scheduling periodic testing to evaluate the security posture of IS.
- Coordinates with parties to employ various intrusion attacks.
- Ensures all system security-related vulnerabilities are documented and ensure serious/unresolved violations are reported to the AO/DAO
- Ensures systems are operated, maintained, and disposed of according to the policies and procedures outlined in the security authorization package.
- Advises users on the proper operation of a specific IS as outlined in its SCTM.
- Assists SAs in the approved maintenance procedures as approved by the ATO.
- Provides guidance, based on component classification, before purging and release
- Ensures system administrators (SA) monitor all available resources that provide warnings of system vulnerabilities or ongoing attacks.
- Confirms domain/local policies are configured to meet regulatory requirements.
- Monitors system backup and recovery processes to ensure security features and procedures can be properly restored and are functioning correctly.
- Serves as member of the configuration change board (CCB).
- Coordinates any configuration changes of a system with the ISSM prior to the change.
- Assesses changes to the system/operational needs that could affect its accreditation.
- Voting/veto member of the CCB for all systems.
- Assists with coordination between Resonant Sciences Security and Government authorities regarding system security posture requirements.
- Participates in information system security inspections, tests, and reviews.
- Ensures ISSM understands inspection timelines, operational impacts, and results.
- Serves as a member of the COMSEC Team.
- The ISSO shall assume ISSM responsibilities in the absence of or if no ISSM is assigned.
- Assists the ISSM in meeting their duties and responsibilities.
- Interfaces with internal and external customers, program managers, IT, security staff, etc.
- Maintains required DoDD 8570.01 IAM level II certifications.
- Attends required technical and security training (e.g., operating system, networking, security management) relative to assigned duties.
- Provides technical guidance as a non-voting member of the configuration change board.
- Performs other duties, as assigned.
- Certification level to meet DOD Directive 8570.01-M IAM II requirements.
- 2 years of ISSO experience in a TS/SCI environment supporting a government customer or 7 years as System Administrator/Cyber Support to classified systems.
- Experience with supporting various system configurations (Stand Alone, Peer to Peer Networks, Local Area Networks, and Wide Area Networks) and security hardening, test, and maintenance of systems.
- Experience with various Security Content Automation Protocol (SCAP) tools such as Assured Compliance Assessment Solution (ACAS) (Nessus) and SCAP Compliance Checker (SCC).
- U.S. Citizenship required.
- Current Secret security clearance required. TS/SCI & SAP eligibility required. Active TS/SCI security clearance desired.
- Become part of a high-tech work environment that is highly impactful, exciting, and collaborative.
- Flexible working environment that enables our employees to balance work and personal life.
- A comprehensive benefits package that includes medical, dental, vision and prescription benefits with extremely low employee cost share for you and your eligible dependents.
- A well-funded Health Spending Account with standard account fees paid by Resonant Sciences.
- 10 Federal Holidays (6 Standard, 4 Floating).
- A flexible Paid Time Off plan for employees.
- A generous retirement plan, subject to plan, IRS and ERISA rules.
Resonant Sciences is a research and development firm with locations all over the United States, focused on developing and transitioning innovative technologies and solutions to developmental and operational platforms. Our areas of expertise include radome and antenna design and fabrication, custom electronic solutions, and RF measurements of materials, antennas, radomes, and subsystems. Our extensive capabilities include design and analysis, production, and ground and flight testing.
A career at Resonant Sciences means that you will be involved in the complete development life cycle, seeing your design evolve from development prototype to incorporating mission requirements to technical specifications into a finished product for field testing.
We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.