Information System Security Officer 3

ORANGE you glad that you chose RealmOne?

RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch security professionals.

Join us on this journey as we execute this new mission-critical contract providing Cybersecurity Expertise and Risk Management!

Your effort and expertise are crucial to the success and execution of this impactful mission that is critical in ensuring mission success through Security Engineering, Vulnerability Testing, Penetration Testing, Risk Management and Assessment, Insider Threat Analysis, and IT Policies and Procedures by improving, protecting, and defending our Nation's Security.

Job Description:

Provide support for a program, organization, system, or enclave's information assurance program. Provide support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies. Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed. Assist with the management of security aspects of the information system and perform day-to-day security operations of the system. Evaluate security solutions to ensure they meet security requirements for processing classified information. Perform vulnerability/risk assessment analysis to support security authorization. Provide configuration management (CM) for information systems security SW, HW, and FW. Manage changes to system and assess the security impact of those changes. Prepare and review documentation to include SSPs, Risk Assessment Reports, C&A packages, and System Requirements Traceability Matrices (SRTMs). Support security authorization activities in compliance with NIST RMF.

The Level 3 Information System Security Officer shall possess the following capabilities:

• Provide support to senior ISSOs for implementing, and enforcing information systems security policies, standards, and methodologies
• Assist with preparation and maintenance of documentation
• Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information
• Assist with Configuration Management (CM) for information system security SW, HW, and FW
• Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc. to include system upgrades
• Propose, coordinate, and implement information systems security policies, standards, and methodologies
• Develop and maintain documentation for Security Authorization in accordance with ODNI and DoD policies
• Provide CM for security-relevant information system SW, HW, and FW
• Ensure compliance with system security policy
• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Maintain operational security posture for an information system or program
• Provide support to the ISSM for maintaining the appropriate operational Cybersecurity posture for a system, program, or enclave
• Develop and update the system security plan and other Cybersecurity documentation
• Assist with the management of security aspects of the information system and perform day-to- day security operations of the system
• Track and ensure appropriate user identification and authentication mechanism of the Information System
• Obtain system authorization for ISs under their purview
• Provide support for a program, organization, system, or enclave's information assurance program
• Plan and coordinate implementation of IT security programs and policies
• Manage and control changes to the system assessing the security impact of those changes
• Provide daily oversight and direction to contractor ISSOs
• Interact with customers, IT staff, and high-level corporate officers to define and achieve required Cybersecurity objectives

Qualifications:

• 10 years of combined work-related experience in the fields of IT, cybersecurity or security authorization is required. Experience in several of the following areas is required: knowledge of current security tools, HW/SW security implementation; communication protocols; or encryption tools and techniques. Familiarity with commercial security products, security authorization techniques, security incident management, and PKI and authorization services.
• Bachelor's degree in Computer Science or a related field (e.g. General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cybersecurity, Information Technology, Information Assurance, Information Security, and Information Systems) is required.
• In lieu of a Bachelor's degree, 4 additional years of work-related experience may be substituted.

Certifications Required:

• DoD 8570 compliance with IAM I is required.

Position requires active Security Clearance with appropriate Polygraph