ISSO Specialist

ISSO Specialist 

Clearance: Secret

At Aquila Technology, you will see our team’s passion every day, whether we are building a robust, policy-compliant IT system or stress-testing a system to identify gaps and security vulnerabilities. To own the advantage, we ensure our team owns results and gets the work done right the first time by deploying smart, purposeful solutions that work. Aquila is the right people with the right skills driving the right outcomes. We call this the Aquila Advantage.

About the Role:

Aquila is seeking an ISSO to join our team in supporting one of the country’s premier defense research organizations. The group provides cyber security and risk assessment services to the Laboratory. The Group supports the Department of Defense (DoD) to develop resilient, integrated missile defense through threat characterization, advanced technology development, prototyping, and testing.

There are a few requirements for the position:

• Must be a U.S Citizen (Green Cards / Visas do not qualify)
• Willingness to undergo a comprehensive background investigation and maintain a personal security clearance. (Aquila would sponsor you for the security clearance.)
• Must be within commutable distance of Huntsville, Alabama.

Responsibilities:

• Work with the ISSM on compliance activities including RMF Authorization of complex information systems
  
• Assist in the security configuration and management of collateral classified systems and networks in a variety of traditional and virtual environments including Linux, Unix, Sun, Mac, and Windows 
• Assist the ISSM in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy
  
• Confirm plans of action and milestones (POA&M) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals
  
• Track audit findings and recommendations to ensure that appropriate mitigation actions are taken
  
• Utilizing previous RMF experience, recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements
  
• Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures
  
• Collect, analyze, and store system audit records
  
• Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation
  
• Prepare for and participate in periodic organization compliance assessments
  
• Ensure account management documentation is complete and updated
  
• Maintain configuration management documentation (change tracking, maintenance logs, etc.)
  
• Serve as a member of the Configuration Control Board (CCB) as needed
  

What You'll Bring:

• 4 years of System Auditing
• Possess a DoD 8570.01-M IAM I baseline certification
• Associates Degree
  
• 4 years of Regulatory & Compliance
• 4 years of STIGs/SCAP
  
• 4 years of Assessing Security Controls (CS105.16)
• 4 years of Assessment and Authorization
• 4 years of Authorizing Systems (CS106.16)
• 4 years of Categorization of the System (CS102.16)
• 4 years of Continuous Monitoring (CS200.16)
• 4 years of HBSS
• 4 years of Implementation of Controls (CS104.16)
• 4 years of Monitoring Security Controls (CS107.16)
• 4 years of NIST 800-171
• 4 years of NIST 800-53
• 4 years of NIST SP 800-37
• 4 years of Risk Management Framework (RMF)
• 4 years of Security Standards, best practices, and scanning tools (Nessus, Forte, SonarQube)
• 4 years of Selecting Security Controls (CS103.16)
• 4 years of SIEM tools (Splunk, SolarWinds, OpenNMS, Nagios)
  
• 4 years of Active Directory Administration and GPOs
• 4 years of Virtualization Technologies (VMware, including ESXi and VCenter configuration)

Working Knowledge of the Following:

Demonstrated understanding of the following security frameworks is required:

• NIST 800-53 / Risk Management Framework (RMF)
  
• National Industrial Security Program Operating Manual (NISPOM) 32 CFR Part 117
  
• DCSA Assessment and Authorization Process Manual (DAAPM)
  
• AS degree in Information Security, Computer Science, Cybersecurity, Information Technology, Computer Information Systems, or related discipline is required. Technical experience, skills, and course work completed towards an Undergraduate Degree, or industry IT certifications may be considered in lieu of education or DoD security experience requirements
  
• Possess a DoD 8570.01-M IAM I baseline certification (e.g. CompTIA Security+). The group will consider someone w/out this certification IF they are willing to obtain in first 6 months at supplier or candidate's expense
  
• Demonstrated experience with vulnerability scanning and auditing tools and processes is required
  
• Experience and familiarity with multiple operating systems such as Windows Server 2016 and 2019, Windows 10 and 11, Red Hat Enterprise Linux, Mac, etc.

And These Skills are a Bonus:

• A minimum of 4 years of IT security experience in DoD Information Security is preferred
  
• Technical experience securing networks and systems utilizing DISA STIGs and/or SRGs is highly desired
  
• Experience with virtualization technologies, e.g. VMWare ESXi is preferred
  
• Knowledge and hands-on experience with Microsoft Active Directory including configuration of domain settings, managing user accounts and permissions, and effectively deploying Group Policy Objects to secure and customize domain environments

Our interview process is designed to let you get to know us as much as for us to get to know you!

1. You’ll meet with someone from our Recruiting team so we can learn more about you and answer some of your questions.
2. You’ll meet with the Hiring Manager to learn more about the team, and the role, and get to tell us more about what you’d bring to the team
3. You’ll meet team members who will be your peers to help you get a feel for a “real day in the life” at Self.

Benefits and Perks:

Aquila team members experience the opportunity to be part of a fast-paced, customer-focused, and technically innovative work environment. Aquila strives to deliver the best of the best in technical services to our customers. Candidates that possess a love for technical challenges, a desire to constantly learn, and the desire to establish themselves as critical players within a team will enjoy calling Aquila Technology home.

Our Perks Include:

• PTO - 15 days (vacation/sick) 10 paid holidays - 6 standard (New Year’s, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas) - 4 floating holidays prorated based on your day of hire
• 1.5 paid days, or 12 hours, for approved volunteer work
• 1 week of paid maternity/paternity LOA after 1 year of Full-time employment
• Tuition & Training Reimbursement - 5K annually for pre-approved, job-related tuition, certification, or professional conferences
• 401K with Fidelity 100% immediate vesting; Plan eligibility begins 90 days following the date of hire. Aquila matches 50 cents on the dollar, up to 6%.
• Cell Phone & Internet Reimbursed up to $150 monthly to cover cell phone, data, and home internet expenses.
• By Your Own Device (BYOD) Allowance Reimbursed up to $1500 for the purchase of a qualified technology device. Eligible after 90 days of employment, and benefit renews every three years.

Location: Huntsville, Alabama 

Work Schedule: Hybrid - Individual works from home or off-site for a portion of their schedule and within a routinely commutable distance from a Laboratory facility - the expectation is 60% onsite work.

Travel: The position requires occasional local and overnight travel (to Lexington, MA).

Clearance: Candidates must possess active Secret clearance at the time of the start of the assignment

We are an Equal Opportunity Employer.