As budgets shrink while user demands increase, Chenega Decision Sciences (CDS) helps customers stay one step ahead of the rapid pace of change, contend with escalating needs for information anytime and anywhere, and develop and manage resilient defense strategies.
We are hiring for an Information Systems Security Officer - Sr.
In this role, responsible for ensuring the appropriate operational security posture is maintained for the information system (IS) on multiple security domains and classification to meet Intelligence Community (IC), DoD and Army cybersecurity/information assurance regulations and policies. You will be expected to use your expertise perform all ISSO duties and responsibilities as well as mentorship while provide over the shoulder training to personnel on the function of the systems and critical cyber areas such as audit, backup, and recovery.
The Information Systems Security Officer - Sr.
shall be responsible for ensuring the appropriate operational security posture is maintained for the information system (IS) on multiple security domains and classification to meet Intelligence Community (IC), DoD, and Army cybersecurity/information assurance regulations and policies. Perform all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and AR 25-2. Responsibilities
- Develop, review, evaluate and verify self-testing results to validate enclave security requirements in accordance with applicable Intelligence Community, DoD, and Army cybersecurity and Information Assurance (IA) regulations, policies, and organizational security policies) in Information Systems (ISs) are met. ISs include Cross Domain Solution Suites (CDSS), Cloud, On-Prem, Tactical, etc., within the program's portfolio.
- Perform validation steps, comparing actual results with expected results, and analyze the differences to identify impact and risks and resolve issues prior to formal Security Test events or Site-Based Security Assessments (SBSA).
- Ensure Army IS cybersecurity-related documentation is current and accessible to properly authorized individuals.
- Prepare, distribute, and maintain plans, instructions, and SOPs concerning system security.
- Prepare and maintain Risk Management Framework (RMF) system accreditation Body of Evidence (BOE) packages using the eMASS, XACTA, or other approved A&A tools, including System Security Plans, Risk Assessment Reports, System Requirements Traceability Matrices (SCTM), and other documentation as required by ICD 503, NIST 800-53, CNSSI 1254, and any additional documentation as determined by the Authorizing Official (AO).
- Direct experience with eMASS, XACTA. or other A&A repositories required.
- Provide over-the-shoulder training to personnel on the function of the systems and critical cyber areas, like audit, backup, recovery, etc.
- Other duties as assigned
Knowledge, Skills and Abilities:
- MA/MS degree in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security, Information Technology, Information Security, and Information Systems) and 8+ years of working experience directly related to DoD Cybersecurity Certification and Accreditation or cybersecurity engineering activities OR
- BA/BS degree in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Cyber Security, Information Technology, Information Security, and Information Systems) and 10+ years of working experience directly related to DoD Cybersecurity Certification and Accreditation or cybersecurity engineering activities
- DoD 8570 IAT III certified
- CompTIA Linux+ or Red Hat Linux Administrator certification
- Must be willing to travel as needed, up to 50%
- Possess and maintain a valid state operator's license
- TS/SCI clearance required
- The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief
- Direct experience with implementation of DOD-I-8500, DOD-I-8510, ICD 503, NIST 800-53, CNSSI 1253, Army AR 25-2, and RMF security control requirements and able to provide technical direction, interpretation, and alternatives for security control-compliant relevant experience must be in computer or information systems design/development and with information assurance and accreditation processes (e.g., System Security Plans, Risk Assessment Reports, Certification and Accreditation Packages, and System Requirements Traceability Matrices).
- Proficient in the primary operating system(s) of ISs undergoing security testing (for example CDSS based on Linux, the individual must be proficient in Linux).
- Technical experience and certification in one or more of the following areas: windows environments, Linux, networking, containers/virtualization, DevSecOps, or database administration.
- Familiar with NCDSMO National Cross Domain Services Management Office), TSABI (Top Secret SCI and Below Interoperability), and SABI (Secret and Below Interoperability) information assurance/cybersecurity requirements.
- Ability to work independently without direct supervision or guidance.
- Ability to occasionally work after hours and/or as on-call support.
- Ability to meet minimum security clearance requirements.
#Chenega Decision Sciences, LLC
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer/Veterans/Disabled
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program