⇦ BACK TO CAREER OPPORTUNITIES 


Cyber Information Systems Security Officer (ISSO) [2021-221]

MOSSAIC

Assesses and mitigates system security threats and risks throughout the program life cycle. Performs system assessment and authorization planning, testing, and validation activities in

coordination with government customers. Supports secure systems operations and maintenance. Conducts internal information technology system audits and risk assessments and reports findings and recommendations for corrective actions to management. Executes first level responses and addresses reported or detected incidents. Investigates and analyzes all response activities related to cyber incidents. Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events. Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information.

Required Skills:

- Intermediate professional with practical knowledge of job area.

Works under moderate supervision to set objectives for own job

area. Communicates with contacts inside and outside own team

to explain and interpret operational processes, practices, and

procedures Identifies and addresses changes within own job

area. Works to achieve operational targets with some impact on

departmental results

- Works under moderate supervision. Works independently on

larger, moderately complex projects or assignments. Sets

objectives for own job area to meet the goals of projects and

assignments. May provide guidance and assistance to entry level

professionals and/or support level employees

- Works to achieve operational targets within job area with some

impact on department results. Contributes to the completion of

milestones associated with specific projects

- Communicates with contacts within and outside of own team

which may include customers or vendors. Explains and interprets

operational processes, practices and procedures of the job area

to others within the organization

- Work consists of making basic adjustments to systems and

processes to solve problems. Identifies, defines and addresses

general problems that are typically within the immediate job area.

Problems are typically solved through drawing from prior

experiences or standard procedures and basic analysis

- Works to achieve operational targets within job area with some

impact on department results. Contributes to the completion of

milestones associated with specific projects

- Responsible for analyzing and/or administering security controls

for information systems

- Safeguards the network against unauthorized infiltration,

modification, destruction or disclosure

- Researches, evaluates, tests, recommends, communicates and

implements new security software or devices

- Implements, enforces, communicates and develops security

policies or plans for data, software applications, hardware, and

telecommunications

Provide details for developing Information System Security (ISS)

Risk Management Framework (RMF) documentation (SSP, SAR,

RAR, SAP, SCTM, POA&M, etc.) to support the Assessment &

Authorization (A&A) of assigned systems

- Performs ISS controls assessments as part of the systems’

Continuous Monitoring Plan

- Oversees configuration management of assigned systems

- Performs periodic hardware/software inventory assessments

- Identifies system security controls shortcomings and annotates

POA&M entries for deficient items, playing a vital role with

remediating control deficiencies

- Assists with documenting annual ISS Self Assessments

- Security + (CE) or equivalent (DoD 8570.01-M)

- 3+ years’ experience as an ISSO (or equivalent position)

overseeing cybersecurity on classified and/or unclassified

systems under NISPOM Chapter 8, NIST 800-53 and/or NIST

800-171

- Practical experience running security compliance scans and

interpreting vulnerability scanning results (Nessus, SCAP)

- Experience completing DISA Security Technical Implementation

Guidelines (STIG) checklists

- Experience with Linux/Unix Information System Security

requirements to include archiving audit log data

Security + (CE) or equivalent (DoD 8570.01-M)

- 3+ years’ experience as an ISSO (or equivalent position)

overseeing cybersecurity on classified and/or unclassified

systems under NISPOM Chapter 8, NIST 800-53 and/or NIST

800-171

- Practical experience running security compliance scans and

interpreting vulnerability scanning results (Nessus, SCAP)

- Experience completing DISA Security Technical Implementation

Guidelines (STIG) checklists

- Experience with Linux/Unix Information System Security

requirements to include archiving audit log data



- Bachelor’s Degree and minimum 5 years of prior relevant experience, or - Graduate Degree and a minimum of 3 years of prior related experience.

At least 3-5 years of prior relevant experience.

Colorado Springs, Colorado

Secret

Immediate

$130k - $135k

U.S. Citizenship is required.
EOE including disability/vet

To learn more about our benefits, please visit: Infinity Careers

UNITED STATES – COVID-19 continues to significantly impact our communities, families and employees. In accordance with Executive Order 14042, effective December 8, 2021, we will require all newly hired employees in the United States to be fully vaccinated prior to their start date.


12/3/2021




BACK TO CAREER OPPORTUNITIES