SUMMARY:
An Information Systems (IS) Security Officer (ISSO) is an individual responsible for ensuring the appropriate technical and operational security posture is maintained, specified, installed, and supported on all Company-owned computer
systems as required. The ISSO ensures that the company's information systems comply with regulations and customer requirements by performing duties as defined in DoD 5220.22-M (NISPOM), DAAPM, NIST-SP 800-53, NIST-SP 800-37, NIST SP 800-171, CMMC, and other requirements. The ISSO is also responsible for planning and responding to service outages and other issues.
The ISSO is responsible for managing the A-10 TSSC IS administration and assisting managing the A-10 TSSC IS administration in conjunction with the company Information Systems Security Manager (ISSM) and team. This is a hands-on position that includes analysis of requirements, proposing solutions, managing and participating in project implementations, and on-going support of the IS infrastructure. The objective of this position is to meet program requirements while continually improving operating efficiencies by enhancing the IS process.
Additionally, the Information Technology (IT) Manager is responsible for overseeing the planning, implementation, and maintenance of all technology systems within the Training Systems Support Center (TSSC). This role ensures that TSSC IT operations run securely, efficiently, and in alignment with company objectives. The IT Manager manages vendors and provides strategic guidance on technology investments and digital transformation initiatives.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Perform general administration and conduct routine audits of systems and software and maintain records documenting purchase/acquisition/disposal of all IS related inventory in accordance with security policies and procedures.
Own RMF lifecycle execution for all accredited systems including artifacts, POA&M management, and continuous monitoring activities.
Lead cybersecurity compliance efforts for ATO renewals and ongoing sustainment.
Oversee implementation of NIST 800-53 security controls and ensure evidence collection for audits.
Perform regular backups, ensure integrity of backup systems & media, and retain backups for all systems in accordance with approved policies and procedures.
Support simulator hardware/software baselines, build management, and change management reviews.
Ensure that proper decisions are made concerning risk levels for the systems and areas of concern for confidentiality, integrity, and availability of the data.
Participate in risk assessment procedures for verification of Assessment and Accreditation RMF safeguards.
Apply updates, patches and configuration changes to IS equipment.
Add, remove and update user account information and ensure all proper account management documentation is completed prior to adding/deleting IS accounts.
Verifying all IS security-related and system related documentation is current and accessible to properly authorized individuals Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRG)).
Initiate protective or corrective measures, in coordination with the security manager, when a security incident or vulnerability is discovered.
Report security incidents or vulnerabilities to the ISSM
Initiate exceptions, deviations, or waivers to cybersecurity requirements.
Conduct periodic assessments of authorized ISs and provide corrective actions for all identified findings and vulnerabilities to the ISSM.
Conduct vulnerability assessments of the information systems using ACAS and generate assessment reports.
Respond to technical and security inquiries.
Applies various analysis tools and techniques to identify, develop, procure, implement, and support IS solutions that increase quality, productivity, and overall effectiveness of the Company departments.
Complete required technical and security training relative to assigned duties.
Specifies system requirements for information systems for improvements.
Keeps system users informed of progress and updates.
Works with Information System Technology and Security Department to ensure appropriate security protections are in place to protect against malicious external penetrations and/or data loss.
Act as a backup for ISSM-related tasks on all accredited systems. This includes documentation updates, user security briefings, and auditing.
Verifying the implementation of delegated aspects of the IS security program.
Adheres to company and client department policies on information security and risk management.
Coordinates the inclusion of other staff and technical resources as necessary.
Attends necessary weekly, monthly, and quarterly meetings as required or directed.
Perform other tasks assigned by supervisor.
QUALIFICATION REQUIREMENTS:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
EDUCATION and/or EXPERIENCE:
Bachelor's Degree (B.S.) in related field and at least 5 years related experience and/or training. Experience or working knowledge of vulnerability scanning procedures. Experience with ACAS, eMASS, STIG's, CIS Benchmarks, SCAP Compliance Checker (SCC), McAfee ePO, and other related security compliance solutions to oversee the implementation and enforcement of security policies. Experience preparing documentation required to obtain an Authorization to Operate (ATO) following assessment and authorization in an RMF environment.
CERTIFICATION:
Must meet DoD 8140/8570 IAM-I requirements within 6 months of hire date:
GSEC
Security+
SSCP
LANGUAGE SKILLS:
Ability to read, analyze, and interpret common professional literature. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to effectively present information to management, and colleagues.
MATHEMATICAL SKILLS:
Ability to comprehend and apply basic mathematical skills.
COMPUTER SKILLS:
Experience with implementation, configuration, and management of Microsoft Windows and Linux operating systems. Experience with implementing and troubleshooting computer networks. Technology skills, including proficiency with Microsoft Office applications are essential. Experienced and proficient in the use of standard personal computer software tools; including word processors, spreadsheets, presentation graphics and databases.
REASONING ABILITY:
Ability to define problems, collect data, establish facts, and draw valid conclusions.
CITIZENSHIP:
U.S. Citizenship. Must be able to obtain a Secret Level Clearance
OTHER SKILLS and ABILITIES:
Experienced and proficient in the use of standard Personal Computer productivity software tools including word processors, spreadsheets, presentation graphics, project management, and databases.
PHYSICAL DEMANDS:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; and talk or hear. The employee is frequently required to stand; walk; climb or balance; and stoop, kneel, crouch, or crawl.
The employee must regularly lift and/or move up to 10 pounds, must frequently lift and/or move up to 25 pounds, and must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision, color vision, depth perception, and the ability to adjust focus.
CymSTAR, LLC will recruit, hire, train, and promote qualified individuals in all job titles and ensure that all other personnel actions are administered without regard to race, color, religion, sex, military and/or veteran status, or disability or any other characteristic protected by federal, state, or local laws in accordance with Section 503 of the Rehabilitation Act of 1973, as amended, and the Vietnam Era Veterans Readjustment Assistance Act of 1974, which require affirmative action to ensure equal opportunity in all aspects of employment. CymSTAR, LLC does not discriminate on the basis of national origin or citizenship status as provided under the Immigration Reform and Control Act of 1986.
If you are interested in applying for employment and need special assistance or an accommodation to apply for a posted position, please contact our Human Resources department via phone at 918-251-8100 or email at?hr@cymstar.com
This policy applies to all employment terms and conditions, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
