Information Systems Security Officer (ISSO)
Job Description
Salary: $115,000 - $120,000
York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next generation space mission operations worldwide. Today, it is one of the most innovative aerospace companies, specializing in both end-to-end customer solutions and the rapid production of spacecraft platforms. York’s complete Space Segment Solution including spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations enables customers to leverage York’s existing technology solutions to get rapidly and responsively to orbit. We’re looking to expand our team across the board.
York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next generation space mission operations worldwide. Today, it is one of the most innovative aerospace companies, specializing in both end-to-end customer solutions and the rapid production of spacecraft platforms. York’s complete Space Segment Solution including spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations enables customers to leverage York’s existing technology solutions to get rapidly and responsively to orbit. We’re looking to expand our team across the board.
Â
York Space Systems is seeking a Information Systems Security Officer (ISSO) to facilitate A&A (Authorization & Assessment) efforts throughout multiple systems’ RMF lifecycle. The selected candidate will support multiple RMF accreditation efforts and will perform tasks that include determining DoD requirements, hardware/software configuration management (to include baseline configuration), risk assessments/vulnerability assessments, testing and documenting security controls, and ensuring overall compliance with DoD Cybersecurity policies. The ideal candidate will have experience working as an Information System Security Officer (ISSO) or compliance auditor and must be comfortable with handling A&A packages throughout entire accreditation lifecycles.
RESPONSIBILITIES
- Implement the Risk Management (RMF) process throughout the entire A&A lifecycle of the system(s), supporting all efforts pre and post Authority to Operate (ATO) determination
- Assist the ISSM in meeting their duties to support A&A activities and coordinate with system’s Security Controls Assessor (SCA) and Authorizing Official (AO)
- Perform and review technical security assessments of the system(s) to identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies to maintain operational security posture for the boundary systems
- Conduct risk analyses from vulnerability, compliance scans, penetration testing results, and/or other audit activities
- Create and maintain Plan of Action and Milestones (POA&Ms), System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Standard Operating Procedures (SOPs), Configuration Management Plans, Contingency Plans and Test Result/Security Impact Analyses
- Serve as the primary engineer for the implementation and maintenance of security compliance and monitoring solutions and capabilities deployed within the information system(s)
- Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media
- Conduct continuous monitoring (ConMon) activities for applicable authorization boundaries
- Apply and maintain up to date application of Security Technical Implementation Guides (STIGs) to required components of the information systems
- Maintain inventory and asset configuration to include change management documentation
- Ensure that the appropriate operational security posture is maintained for the information system, working in close collaboration with the information system owner and the ISSM
- Notify ISSM when changes occur that might affect the authorization determination of the information system(s)
- Report all security-related concerns and incidents to the ISSM
REQUIRED QUALIFICATIONS
- Experience developing and documenting DoD A&A documentation
- 3-5 years of professional experience in related field
- Associate or higher in field of cybersecurity, information technology, etc.
- DoD 8570 IAT II Certification (or ability to receive certification within 6 months of date of hire)
- US Citizenship and an Active Secret clearance or higher
REQUIREMENTS/PREFERRED EXPERIENCE
- Knowledge of CNSSI 1253, NIST 800 Series (primarily 800-53, 800-53A, 800-171), and DCSA’s DAAPM
- Familiarization with RMF package creation and maintenance artifacts to support A&A decision
- Experience using DISA Security Technical Implementation Guides (STIGs), Security Requirements Guide (SRGs) and Security Content Automation Protocol (SCAP) to audit and securely configure network-enabled devices
- Fundamental knowledge of DISA Enterprise Mission Assurance Support Service (eMASS)
- Familiar with vulnerability tools and audit review tools which include audit log analysis and report generation (Nessus and Splunk experience preferred)
- Experience conducting risk analysis on products and system components through review of CVEs, plugins, CWEs
- Ability to remediate security vulnerabilities by implementing solutions on network devices and applications
- Experience in conducting software due diligence with COTS and GOTS solutions
- Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption)
- Working knowledge of scripting/programming languages (PowerShell, Python, BASH)
- Strong communication and documentation skills
- Flexible and able to adapt to a rapidly changing environment
- Positive, self-motivated individual who can complete tasks independently
Apply Now
Back to Job Listings
Add To Job List
Company Profile
View Company Reviews
Date Posted
06/28/2023
Views
16
Neutral
Subjectivity Score: 0.7
Similar Jobs
Systems Engineer - Mission Operations Lead - York Space Systems
Views in the last 30 days - 0
York Space Systems is seeking a Systems Engineer Mission Operations Lead The role involves acting as the mission operations focal point leading the de...
View DetailsLaunch Systems Integration Engineer, Sr. - York Space Systems
Views in the last 30 days - 0
York Space Systems an innovative aerospace company is seeking a Launch Systems Integration Senior Engineer The role involves coordinating spacecraft l...
View DetailsMarketing Systems Developer - Klaviyo
Views in the last 30 days - 0
Klaviyo a leading marketing automation platform is seeking a skilled GTM Marketing Integrations Salesforce Developer The ideal candidate will have a ...
View DetailsSecurity - CIM Group
Views in the last 30 days - 0
CIM Group is a communityfocused real estate and infrastructure owneroperator lender and developer They aim to create value in real assets benefiting t...
View DetailsSenior Electrical Engineer - Red 6
Views in the last 30 days - 0
Red 6 is a pioneering AR technology startup specializing in synthetic air combat training The company is seeking a Senior Electrical Engineer to contr...
View DetailsCompliance Researcher - Accurate Background
Views in the last 30 days - 0
Accurate Background is seeking a Compliance Researcher to join their team The role involves maintaining the Global Services Register conducting compli...
View Details