Information System Security Officer (ISSO) / Cyber Intelligence [2022-05]


Infinity is a small business with extensive experience supporting aerospace and defense systems. Make a positive impact and join our Infinity Systems Engineering team who thrive on innovative ideas and meeting challenges for success.

Assesses and mitigates system security threats and risks throughout the program life cycle. Performs system assessment and authorization planning, testing, and validation activities in coordination with government customers. Supports secure systems operations and maintenance. Conducts internal information technology system audits and risk assessments and reports findings and recommendations for corrective actions to management. Executes first level responses and addresses reported or detected incidents. Investigates and analyzes all response activities related to cyber incidents. Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events. Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information.

Summary of Responsibilities:

• Intermediate professional with practical knowledge of job area. Works under moderate supervision to set objectives for own job area. Communicates with contacts inside and outside own team to explain and interpret operational processes, practices, and procedures Identifies and addresses changes within own job area. Works to achieve operational targets with some impact on departmental results

• Works under moderate supervision. Works independently on larger, moderately complex projects or assignments. Sets objectives for own job area to meet the goals of projects and assignments. May provide guidance and assistance to entry level professionals and/or support level employees

• Works to achieve operational targets within job area with some impact on department results. Contributes to the completion of milestones associated with specific projects.

• Communicates with contacts within and outside of own team which may include customers or vendors. Explains and interprets operational processes, practices and procedures of the job area to others within the organization

• Work consists of making basic adjustments to systems and processes to solve problems. Identifies, defines and addresses general problems that are typically within the immediate job area. Problems are typically solved through drawing from prior experiences or standard procedures and basic analysis

• Works to achieve operational targets within job area with some impact on department results. Contributes to the completion of milestones associated with specific projects

• Responsible for analyzing and/or administering security controls for information systems

• Safeguards the network against unauthorized infiltration, modification, destruction or disclosure

• Researches, evaluates, tests, recommends, communicates and implements new security software or devices

• Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications

• Provide details for developing Information System Security (ISS) Risk Management Framework (RMF) documentation (SSP, SAR, RAR, SAP, SCTM, POA&M, etc.) to support the Assessment & Authorization (A&A) of assigned systems

• Performs ISS controls assessments as part of the systems’ Continuous Monitoring Plan

• Oversees configuration management of assigned systems

• Performs periodic hardware/software inventory assessments

• Identifies system security controls shortcomings and annotates POA&M entries for deficient items, playing a vital role with remediating control deficiencies

• Assists with documenting annual ISS Self Assessments

Required Skills:

• Communicates with contacts inside and outside own team to explain and interpret operational processes, best practices, and procedures

• Work individually and as part of a team in a diverse, rapidly changing environment

• Security + (CE) or equivalent (DoD 8570.01-M)

• 3+ years’ experience as an ISSO (or equivalent position) overseeing cybersecurity on classified and/or unclassified systems under NISPOM Chapter 8, NIST 800-53 and/or NIST 800-171

• Practical experience running security compliance scans and interpreting vulnerability scanning results (Nessus, SCAP)

• Experience completing DISA Security Technical Implementation Guidelines (STIG) checklists

• Experience with Linux/Unix Information System Security requirements to include archiving audit log data

Additional Skills:

• Knowledgeable on ACAS and has official training (DISA), Linux/RHEL auditing experience, knowledgeable of RMF Continuous Monitoring as well as SCC – STIG and STIG scanning

• 2 years post-Secondary/ Associates Degree and a minimum of 6 years of prior related experience; or • Bachelor’s Degree and a minimum of 2 years of prior related experience; or • Graduate Degree or equivalent with 0 to 2 years of prior related experience

Requires practical knowledge of job area typically obtained through advanced education combined with experience

Colorado Springs, CO


7 Feb 2022

$115k - $130k

U.S. Citizenship is required.
EOE including disability/vet

To learn more about our benefits, please visit: Infinity Careers

UNITED STATES – COVID-19 continues to significantly impact our communities, families and employees. In accordance with Executive Order 14042, effective January 18, 2022, we will require all newly hired employees in the United States to be fully vaccinated prior to their start date.