Information Systems Security Officer (ISSO)
- Expired: over a month ago. Applications are no longer accepted.
Information Systems Security Officer (ISSO) (TS/SCI)
Mantis Security is seeking for immediate placement a highly qualified and technical Information Systems Security Officer (ISSO) to lead the Assessment and Authorization (A&A) for multiple analytic mission systems. The ISSO must be proficient in standard A&A activities, and will generate and maintain the complete security body of evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF). The ideal candidate is further highly technical, with a knowledge of AWS Cloud technologies, and RedHat and CentOS Linux hosts.
The ISSO will work with the software engineers and cloud engineers to ensure applications and systems are developed to meet required security controls, as well as to promote proper security configuration. The candidate should possess 8570 IAT Level II baseline certifications and have working knowledge of the Risk Management Framework (RMF), along with other Intelligence Community (IC) and DoD policy and guidance (ICD 503, CNSSI-1253, etc.). All candidates must have current TS/SCI eligibility with the ability to obtain a CI polygraph to be considered.
Security Clearance and Work Authorization:
Must have current TS/SCI eligibility or Active TS/SCI
Must be able to obtain TS/SCI with CI polygraph
Due to contract requirements, work authorization requires US Citizenship
Bachelor’s degree with 15 years of experience, or Master’s degree with 13 years of experience, or no degree with 20 years of experience
DoD 8570 IAT Level II certification requirements (one of CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP)
Proficiency with Red Hat and CentOS Linux operating systems
Proficiency with Xacta IA Manager (or Xacta 360)
Proficiency with AWS security configuration, with an AWS “Associate” level certification preferred (one of AWS Certified Solution Architect - Associate, AWS Certified SysOps Admin - Associate, or AWS Certified Developer - Associate)
Support to the Assessment and Authorization (A&A) and all Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for all multiple information systems
Work with software engineers, DevOps engineers, release managers, and project management to follow A&A and ATO processes, and ensure Minimum Viable Product (MVP) and full releases are compliant and meet security requirements for continuous delivery to an AWS production environment
Ensure validity and accuracy review of all associated security documentation
Create and maintain System Security Plan (SSP), Security CONOPS, Security Test Plan (STP) and Security Test Procedures, document and maintain implementation details of NIST 800-53 security controls
Plans and performs security functional testing, creates and maintains STPs, supports security assessments
Utilize Xacta to maintain Security Body of Evidence (BoE) files and to work through the A&A process for each system release cycle
Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation
Manage the plan of action and milestones (POA&Ms) by working with project managers and engineers to develop schedules and engineering actions that mitigate open findings
Monitor and audit operational systems for proper use
Mantis Security believes that our strength is in our employees. We offer employees the chance to work with great people on projects of high importance, and are committed to providing the best culture that foster’s technical innovation and personal growth. To help our staff achieve a productive work-life balance, we offer a full range of highly-competitive benefits for our employees and their families (https://www.mantis-security.com/benefits). For more information visit or website at https://www.mantis-security.com.
Mantis Security CorporationWhy Work Here?
Invest in yourself! Become a leader in cloud engineering, cybersecurity, cyber operations, and cyber tools development!
Mantis Security is a leading specialty firm of high caliber talent who specialize in Cyber Operations, Cyber Defense, Information Assurance, Software Development, DevSecOps, Security Engineering, and Cloud Engineering. We enable and protect our nation's most important IT assets and invest in long term career development of every employee! For more information on our highly competitive benefits package, go to www.mantissecurity.com/benefits