Information Systems Security Officer

AMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology, Test & Evaluation, Program Mission Support, Engineering & Analysis, and Training.

Perform duties and responsibilities of an ISSO for networks when required.
• Support in the duties and responsibilities of managing the Common Configuration Control Board (CCB) process.
• Monitor and analyze security logs and alerts to detect and respond to security incidents in a timely manner.
• Assess and audit security systems, including firewalls, intrusion detection systems, and access control systems.
• Support in the continuous monitoring of security controls and vulnerabilities.
• Conduct regular risk assessments and vulnerability assessments to identify potential security threats and vulnerabilities.
• Maintain accurate and up-to-date records of RMF documentation, security assessment reports, Plans of Actions and Milestones (POA&Ms), and other relevant documents and uploaded into eMASS IAW DOW frequency requirements.
• Complete Security controls Revalidations for all authorizations within a 2-year period.
• Assist in authoring and editing Cybersecurity related documents such as ISA, CCB, CIE, MFR or other reports as assigned.
• Develop and deliver security awareness and training programs for all employees, contractors, and other stakeholders about cybersecurity, foster a culture of security within the organization, and reduce the risk of security incidents.
• Develop, update, and maintain internal IA continuity guides for the Cybersecurity program.
• Guides should encompass all aspects of task execution, including processes, procedures, and best practices.

• Bachelor's Degree and a minimum of 5 years of IT or cybersecurity management experience including security practices, risk management, and compliance. (A combination of education and experience can be used in lieu of a degree.)
• Minimum of 3 years of IT or cybersecurity experience in roles such as System Administrator, Network Administrator, Information Systems Security Officer (ISSO) or other related roles.
• Minimum 3 years of Linux (RHEL) administarion experience
• Experience with security tools and technologies used for monitoring and protecting information systems.
• Strong understanding of cybersecurity principles, practices, and standards.
• At a minimum, possession of DoD Directive 8570/8140 Information Assurance Technical or Manager Level I certification.
• DISA ACAS Training/Certified
• Active, in-scope US Government issued Top Secret clearance.
• Security+, CISSP, CISM certifications