Multiple Locations
8 days ago
Information Systems Security Officer (ISSO) Intermediate - TS/SCI with Poly
*

Are you searching for a professional environment that encourages personal and educational development and dedication to the mission?
Join a team of security experts who are dedicated to protecting and securing our customers' systems at both the enterprise and program level. Our specialists work closely with others in the RMF process to ensure the highest level of security for every system.

We are seeking an Information Systems Security Officer (ISSO) Intermediate (Int) for a prime contract that is based out of our Columbia, MD office.  As the ISSO Int, you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems.


The work environment is fast-paced and sometimes involves deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Our program includes easily available process information and support from others with similar positions across the team.


Responsibilities\: 

Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves. Provide guidance and technical expertise on all matters that impact or effect the security of the information system. Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis. Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package. Conduct configuration management for security-relevant changes to software, hardware, and firmware. Perform and deliver security impact analyses of changes to the system or its environment of operation. Assess the effectiveness of system security controls on an ongoing basis to determine system security status. Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments. Provides configuration management for security-relevant information system software, hardware, and firmware.

#divergent

*

Are you searching for a professional environment that encourages personal and educational development and dedication to the mission?
Join a team of security experts who are dedicated to protecting and securing our customers' systems at both the enterprise and program level. Our specialists work closely with others in the RMF process to ensure the highest level of security for every system.

We are seeking an Information Systems Security Officer (ISSO) Intermediate (Int) for a prime contract that is based out of our Columbia, MD office.  As the ISSO Int, you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be expected to maintain Authority to Operate compliance for all assigned systems.


The work environment is fast-paced and sometimes involves deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Our program includes easily available process information and support from others with similar positions across the team.


Responsibilities\: 

Maintain the appropriate operational security posture for assigned systems, programs, and/or enclaves. Provide guidance and technical expertise on all matters that impact or effect the security of the information system. Assist in the development and execution of an enterprise level continuous monitoring program to minimize security risks and ensure compliance with that program on a routine basis. Developing, updating, and submitting the System Security Plan and other required documentation that make up the Security Authorization Package. Conduct configuration management for security-relevant changes to software, hardware, and firmware. Perform and deliver security impact analyses of changes to the system or its environment of operation. Assess the effectiveness of system security controls on an ongoing basis to determine system security status. Maintain and enforce IT security policies and implementation guidelines for customer systems in diverse operational environments. Provides configuration management for security-relevant information system software, hardware, and firmware.

#divergent

* A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc. Knowledge of commercial security tools and their uses. Experience with hardware/software security implementations. Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services. Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance. Experience creating and presenting documentation and management reports. Attendance is always critical. Must be able to work a 40-hour workweek, normally Monday through Friday.  However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur. Must be able to communicate effectively both verbally and in writing. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation. Must be able to interface with individuals at all levels of the organization both verbally and in writing.  Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously.  Must work well under pressure to meet deadline requirements.  Must take and pass a drug test and background check as well as a motor vehicle records check.

Clearance Required\: 

TS/SCI with Poly

Minimum Education\: 

A Bachelor’s Degree in Computer Science or IT Engineering or related field may be substituted for four (4) years of experience. DoD 8570.1 compliant IAM Level I certification, such as the CompTIA Security certification.  A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted.

Minimum Years of Experience\: 

Ten (10) years of related work experience in the field of security authorization or six (6) with applicable BS degree.

Preferred\: 

Should have experience working with the XACTA IA Manager. Should be highly analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues. Should be committed to continuous learning and system development because of the constant developing nature of cyber-attacks. Should have the ability to quickly learn new concepts, data formats, and software. Should be a self-motivated, independent, detail oriented, responsible team player, and exhibit exceptional relationship management skills. 

Pay Transparency Verbiage
Amentum’s health and welfare benefits are designed to invest in you and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company’s 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus.

The base salary range for this position is $170K to $185K. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

* A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37 and familiarity with the ICD503, CNSSI1253, SP800-53, etc. Knowledge of commercial security tools and their uses. Experience with hardware/software security implementations. Knowledge of different communication protocols, encryption techniques/tools, and PKI and authorization services. Familiarity with security incident management, experience collaborating with Incident Response Teams, and able to provide viable recommendations for the resolution or computer security incidents and vulnerability compliance. Experience creating and presenting documentation and management reports. Attendance is always critical. Must be able to work a 40-hour workweek, normally Monday through Friday.  However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur. Must be able to communicate effectively both verbally and in writing. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation. Must be able to interface with individuals at all levels of the organization both verbally and in writing.  Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously.  Must work well under pressure to meet deadline requirements.  Must take and pass a drug test and background check as well as a motor vehicle records check.

Clearance Required\: 

TS/SCI with Poly

Minimum Education\: 

A Bachelor’s Degree in Computer Science or IT Engineering or related field may be substituted for four (4) years of experience. DoD 8570.1 compliant IAM Level I certification, such as the CompTIA Security certification.  A higher-level certification, such as GSLC, CAP, CASP, CISM and/or CISSP will also be accepted.

Minimum Years of Experience\: 

Ten (10) years of related work experience in the field of security authorization or six (6) with applicable BS degree.

Preferred\: 

Should have experience working with the XACTA IA Manager. Should be highly analytical and effectively able to troubleshoot and prioritize needs, requirements, and other issues. Should be committed to continuous learning and system development because of the constant developing nature of cyber-attacks. Should have the ability to quickly learn new concepts, data formats, and software. Should be a self-motivated, independent, detail oriented, responsible team player, and exhibit exceptional relationship management skills. 

Pay Transparency Verbiage
Amentum’s health and welfare benefits are designed to invest in you and in the things you care about. Your health. Your well-being. Your security. Your future. Eligible employees and their dependents may elect medical, dental, vision, and basic life insurance. Employees are able to enroll in our company’s 401k plan, and, if eligible, a deferred compensation plan and Executive Deferral Plan. Employees will also receive 17 days of vacation per year, seven paid holidays, plus floating holidays and caregiver leave. Hired applicants will be able to purchase company stock and have the opportunity to receive a performance discretionary bonus.

The base salary range for this position is $170K to $185K. This range reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Confirm your E-mail: Send Email