Information Systems Security Officer

The Information Systems Security Officer (ISSO) performs local facility IT functions on information systems within classified environments or enclaves and identifies where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. The ISSO establishes strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of classified systems. Includes support of process, analysis, coordination, security certification test, security documentation, investigations, software research, hardware introduction/release, emerging technology research inspections and periodic system audits.

The ISSO assists in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), makes recommendations on process tailoring, participates in and documents process activities. Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. And the ISSO documents the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.

Primary Duties & Responsibilities:

• Ensure local facility systems are operated, maintained, and disposed of in accordance with security policies and procedures outlined in security authorization packages.
• Verify implementation of delegated aspects of IS security program.
• Attend technical security training (e.g., operating system/networking/security management) relative to assigned duties.
• Ensure all local IS users have requisite security clearances, authorization, need-to-know and aware of their security responsibilities before granting access to the IS.
• Report all security-related incidents to the local facility ISSM.
• Conduct periodic reviews of IS to ensure compliance with the security authorization package.
• Serve as member of the Configuration Control Board (CCB).
• Coordinate changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change.
• Formally notify the facility ISSM when changes occur that might affect system authorization.
• Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly.
• Ensure all IS security-related documentation is current and accessible to properly authorized individuals.
• Ensure audit records are protected, collected, and reviewed.
• Assist with local facility unclassified IT systems as needed.

Key Requirements:

• Active U.S. Citizenship.
• Active USGSC Interim/Secret (+) security clearance.
• Able to maintain required USGSC level security clearance.
• Must be able to satisfy federal government requirements for access to government information. (Having dual citizenship may preclude you from being able to meet this requirement.)
• Bachelor’s degree with (2+) years of experience in system administration/desktop support or (6+) years of related industrial/cybersecurity administration experience.
• Candidates will not be excluded from consideration with equivalent education and/or experience.

Additional Requirements:

• Current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP).
• Familiarity with DISA Security Technical Implementation Guides (STIGs) and security tools such as Splunk, Symantec, MS Office, VMWare, etc.
• Working knowledge of National and International security frameworks.
• Experience working with the Defense Counterintelligence & Security Agency (DCSA) Authorization and Assessment Process Manual (DAAPM).
• Experience in secure environments that are compliant with the NISPOM, with special emphasis on information assurance as well as Risk Management Framework (RMF) requirements.
• Familiarity with configuration control and change management (PDQ Deploy/Inventory).
• Familiarity with networking concepts (switches/network security).
• Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis).
• Experience with Microsoft Windows administration in physical/virtual environments
• Strong written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate, analyze, and document system issues and resolutions.
• Ability to produce quality deliverables and to complete assigned projects on time; provides consistent status updates ensuring IT projects stay focused; reports discovered anomalies/inconsistencies.
• Consistent attention to detail - completes tasks per standard operating procedures; reports discovered anomalies and inconsistencies.
• Persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management.
• Strong work ethic and a proven professional - respectful, dependable, take initiative and follows through.
• Highly motivated and works well in a fast-paced, team-oriented environment; continuously develops new competencies to accommodate evolving expectations.

Location Profile:

Located in Port Saint Lucie, Florida, Atlantic Precision Inc (API) is a premier Aerospace Machining & Build facility with a talented work force using the latest 3D printing metal and additive manufacturing technologies in its 50,000 square-foot facility. With decades of experience, API is trusted by OEMs in commercial aviation, military aviation, power generation and the marine industry to produce quality parts for both prototypes and production requirements.